Discards on interface
2 months ago
Hi, I'm sorry to put everything here in English, my Deutsch is terrible, and I'm sorry to bother you in such a way.
I've got the following setup at home:
Draytek, that works as a dsl modem in a bridge mode and Ubiquity Edgerouter 4 for pppoe initialization and router.
interfaces {
ethernet eth0 {
address 192.168.165.100/24
description WAN
duplex auto
mtu 1500
speed auto
vif 7 {
description "Telekom Internet"
pppoe 0 {
default-route auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server none
password ****************
user-id ******@t-online.de
}
}
}
There are no issues with connectivity and getting an IP address on eth0.7 interface, and keep access to the Web UI of the Draytek modem available on https://192.168.165.1, but for some time I was able to notice discards on eth0 interface. I could gather some monitoring statistics with my LibreSNMP setup:
I have double checked mss-clamp:
# show firewall options
mss-clamp {
interface-type pppoe
mss 1452
}
interface statistics:
~$ show interfaces ethernet eth0
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 18:e8:29:4c:4e:ce brd ff:ff:ff:ff:ff:ff
inet 192.168.165.100/24 brd 192.168.165.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::1ae8:29ff:fe4c:4ece/64 scope link
valid_lft forever preferred_lft forever
Description: WAN
RX: bytes packets errors dropped overrun mcast
6611727912766 6092296480 0 12310169 0 12367734
TX: bytes packets errors dropped carrier collisions
4125255134146 4778176773 0 0 0
we could see dropped counter almost identical to mcast packets
I've checked the tcpdump:
~$ sudo tcpdump -i eth0 -n -vvv ether multicast
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:30:02.673078 unknown (10), length 52
0x0000: 0a00 19a7 0001 1000 0000 0100 0404 0000
0x0010: 0000 0000 0000 0000 0000 0000 0000 0000
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000
0x0030: 0000 0000
18:30:03.675005 unknown (10), length 52
0x0000: 0a00 19a7 0001 1000 0000 0100 0404 0000
0x0010: 0000 0000 0000 0000 0000 0000 0000 0000
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000
0x0030: 0000 0000
18:30:04.677617 unknown (10), length 52
0x0000: 0a00 19a7 0001 1000 0000 0100 0404 0000
0x0010: 0000 0000 0000 0000 0000 0000 0000 0000
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000
0x0030: 0000 0000
unknown packets are coming
I've set a multicast rule to accept:
# set firewall name WAN_LOCAL rule 30 action accept
# set firewall name WAN_LOCAL rule 30 description 'Allow modem multicast traffic'
# set firewall name WAN_LOCAL rule 30 destination address 224.0.0.0/4
# set firewall name WAN_LOCAL rule 30 protocol all
commited changes and save, but iptables statistics gives nothing:
~$ sudo iptables -L -v -n -x
Chain WAN_LOCAL (1 references)
pkts bytes target prot opt in out source destination
14626121 3872633460 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 /* WAN_LOCAL-10 */ state RELATED,ESTABLISHED
9257 544684 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* WAN_LOCAL-20 */ state INVALID
0 0 RETURN all -- * * 0.0.0.0/0 224.0.0.0/4 /* WAN_LOCAL-30 */
48 2592 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 /* WAN_LOCAL-999 */ LOG flags 0 level 4 prefix "[WAN_LOCAL-999-D]"
48 2592 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* WAN_LOCAL-999 */
1684642 86536818 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* WAN_LOCAL-10000 default-action drop */
looks like it is not an ip packet but ether instead
~$ sudo tcpdump -i eth0 -n -e -XX ether multicast
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:25:49.811001 00:24:45:62:9b:bb > 01:80:c2:00:00:02, ethertype Slow Protocols (0x8809), length 66: unknown (10), length 52
0x0000: 0a00 19a7 0001 1000 0000 0100 0404 0000
0x0010: 0000 0000 0000 0000 0000 0000 0000 0000
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000
0x0030: 0000 0000
0x0000: 0180 c200 0002 0024 4562 9bbb 8809 0a00 .......$Eb......
0x0010: 19a7 0001 1000 0000 0100 0404 0000 0000 ................
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0040: 0000 ..
19:25:50.812012 00:24:45:62:9b:bb > 01:80:c2:00:00:02, ethertype Slow Protocols (0x8809), length 66: unknown (10), length 52
0x0000: 0a00 19a7 0001 1000 0000 0100 0404 0000
0x0010: 0000 0000 0000 0000 0000 0000 0000 0000
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000
0x0030: 0000 0000
0x0000: 0180 c200 0002 0024 4562 9bbb 8809 0a00 .......$Eb......
0x0010: 19a7 0001 1000 0000 0100 0404 0000 0000 ................
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0040: 0000 ..
Googling ethertype 0x8809 gives me a link to the telekom document https://www.telekom.de/dlp/agb/pdf/53372.pdf
this is seems to be about EthernetConnect 2.0 - the service available for Geschäftskunden
My question is: is it normal to have discards on the interface?
Just curious if everything is configured right on uplink devices and i should just use my internet and do not pay attention to this discarded packets.
50
7
You might also be interested in
Request purchasing advice
Fill out our online contact form quickly and easily so that we can advise you personally in a timely manner.
View offers
Informieren Sie sich über unsere aktuellen Internet-Angebote.
