This morning part of my network became very unstable. Connections drop all the time from some PC’s (not all) and I cannot make contact to some routers or when contact is made they connection drop after 30 sec up to 5 mins…
Some 1st step away routers I can reach with a terminal session from within my local network gateway router, and these connections stay alive. While a winbox connection to same unit at same time drops all the time. So mac level communication is not hurt.
I have no problem connecting with winbox into my local network router that functions as gateway to the rest om my network and ultimately to the internet.
On the public side of this router some other routers are attached, some cabled, some wireless and behind these off course my client network is to be found.
I ran sniff tool on the ´public´ ether port of my gateway router and found basically 99% packages with IP protocol tcp but under the column “Protocol” they all have “2048(ip)” mentioned!
I googled on protocol 2048 and find a dsl monitor protocol.
In MT manual nothing about such protocol is to be found.
In firewall I cannot set filter for protocol 2048. Only for port number 2048 but these counters then stay empty.
So, can anybody explain what this is???
And where it could come from??
I think this is hammering my network because even a 5 sec sniff gives me almost 200 connections. All these connections are coming from, or going to ip addresses making part of my gateway router’s public Ip network.
The weird thing is that out of my 6 PC’s that are behind my gateway router, only 4 have problems making connections to the internet or remote routers on the local network I own. I have put scr-nat on the public interface for all my PC’s but it makes no difference. Same are dropping, same PC’s function normal. Thsy should all go out my gateway with same IP…
Very weird and a serious problem I have no answer to yet… Please help!
well, I used sniffer before but can’t recall ever seeing this.
Anyway, I had my Vodafone adsl lines down I found out. The whole country (Spain) suffered from that.
But my modems are at least 4 routers (so different networks too) away behind two natted firewalls. I don’t see what that could have anything to do with it but my problems seems to have been dissapeared after the adsl lines came back althoug I still see that protocol in sniffer… very weird…
“Weird” I referred to the fact that within my network I lost connectivity between a group or routers which dissolved the same moment the two adsl lines came back on line again… they are at least 4 hops away and have nat firewall enabled. How can they still disrupt my network?
The protocol I still see while the situation is back to normal. Plus what I have been reading since I indeed presume it is a very normal protocol. I just don’t seem to remember I ever saw it before…
But thanks for the help anyway..
Buenas noches. Me ha sucedido lo mismo o al menos algo bastante similar a lo descripto aca. Dificultad para ingresar a mis antenas mediante VPN, lentitud importante en un grupo numeroso de usuarios de mi sistema, algunos ni siquieran podian abrir alguna pagina. Luego de hacer el analisis veo que direcciones internas de una red 10.10.10.0/24 que si bien esra definida en mi MKT como la red de transferencia y control de mis antenas, que no supera la ip 10.10.10.36, tiene muchas rx y tx a direcciones internas de mis clientes en una red absolutamente distinta. El protocolo 2048ip y el puerto siempre 9080 y 9081.
Alguien puede explicarme que es lo que ocurre?
Muchas gracias