
Massive amount of connections

Posted: Tue Sep 26, 2006 8:31 pm
by joeri91942
Hi all

I've got a small network that has been working very well for some time but recently performance has been low and when checking the MT router I see a LOT of connections (10-30´!).

The weird thing here is that these connections aren't even using my router's IP. The sources are lots of machines on the Internet and the destinations are other IPs in my router's public IP range, IPs that are in use by other machines.

Now HOW in %¤#% can my router set up connections using an IP that it doesn't have? What do I do about this?

My last filter rule says "drop everything" but I have a rule higher up that says "allow established" and for some reason the router seems to think that these packets are part of a session...

Tried a filter rule saying that, in the forward chain, anything coming in on my Internet interface and addressed to !my_routers_public_ip was to be dropped... and that killed ALL my traffic :shock:

Any ideas out there?

/Jörgen

Posted: Tue Sep 26, 2006 10:19 pm
by UniKyrn
Do you have a bridged interface on that router? Connection tracking is probably tracking the state of all the traffic it hears, not just traffic specific to that router. In a routed network, that's traffic to the router or that passes through it, but in a bridged network it starts watching just about everything.
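
A triage check for the symptom described in this thread, added here as an example and not posted by any participant: it sorts tracked connections into those that touch the router's own addresses, those that belong to subnets it routes, and "foreign" ones it is only overhearing, which is what a bridged interface feeds into connection tracking. The table format, the function name `classify` and all addresses are constructed for illustration (IPv4 only); this is not RouterOS output.

```python
import ipaddress
from collections import Counter

# Constructed sample: simplified "proto src:port dst:port state" lines,
# not real router output. All addresses are documentation ranges.
SAMPLE = """\
tcp 198.51.100.7:51514 203.0.113.20:80 established
tcp 198.51.100.9:40022 203.0.113.21:25 established
udp 192.0.2.55:5060 203.0.113.30:5060 established
tcp 192.168.1.10:49200 198.51.100.80:443 established
tcp 198.51.100.44:33910 203.0.113.2:22 established
"""

def classify(table, router_addrs, routed_nets):
    """Count tracked connections by whether the router should own them.

    router_addrs: addresses configured on the router itself (assumed input).
    routed_nets:  subnets the router routes or NATs for (assumed input).
    Entries touching neither are traffic the router only overhears,
    e.g. frames crossing a bridge that connection tracking inspects.
    """
    own = {ipaddress.ip_address(a) for a in router_addrs}
    nets = [ipaddress.ip_network(n) for n in routed_nets]
    counts, foreign = Counter(), []
    for line in table.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        # IPv4 "addr:port" only: strip the port after the last colon
        src = ipaddress.ip_address(parts[1].rsplit(":", 1)[0])
        dst = ipaddress.ip_address(parts[2].rsplit(":", 1)[0])
        if src in own or dst in own:
            kind = "router"
        elif any(src in n or dst in n for n in nets):
            kind = "routed"
        else:
            kind = "foreign"
            foreign.append((str(src), str(dst)))
        counts[kind] += 1
    return counts, foreign

if __name__ == "__main__":
    counts, foreign = classify(SAMPLE, ["203.0.113.2"], ["192.168.1.0/24"])
    print(dict(counts))
    for src, dst in foreign:
        print("not mine:", src, "->", dst)
```

A table dominated by "foreign" entries points at bridged traffic being tracked rather than at sessions the router itself set up.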

Posted: Thu Sep 28, 2006 10:21 am
by joeri91942
Yeah.. that was it, had enabled bridging to give my voip-box a public IP, I didn't have a switch on the outside of my router so I thought that I could just bridge my Internet connection to a dedicated port for the voip-box.... bad idea!

100% CPU does not make a happy router :(

/Jörgen