Hi all

I've got a small network that has been working very well for some time but recently performance has been low and when checking the MT router I see a LOT of connections (10-30´!).

The weird thing here is that these connections aren't even using my routers IP.. source are lots of machines on the Internet and destination is other IPs in my routers public IP range. IP's that are in use by other machines.

Now HOW in %¤#% can my router set up connections using an IP that it doesn't have? What do I do about this?

My last filter rule says "drop everything" but I have a rule higher up that say "allow established" and for some reason the router seems to think that these packets are part of a session...

Tried a filter rules saying that - in the forward chain, coming in on my Internet interface, adressed to !my_routers_public_ip was to be dropped... and that killed ALL my traffic

Any ideas out there?

/Jörgen

Do you have a bridged interface on that router? Connection tracking is probably tracking the state of all the traffic it hears, not just traffic specific to that router. In a routed network, that's traffic to the router or that passes through it, but in a bridged network it starts watching just about everything.

Yeah.. that was it, had enabled bridging to give my voip-box a public IP, I didn't have a switch on the outside of my router so I thought that I could just bridge my Internet connection to a dedicated port for the voip-box.... bad idea!

100% CPU does not make a happy router

/Jörgen