In another post I mentioned that I am experiencing extreme ping times on my RB333 but only on my SR9 cards with 32 clients. All wireless parameters are good but I can’t solve this issue. Is there a way for me to block all P2P or UDP traffic except for port 53? Will doing this block messenger too?
I would like to do this on a specific AP for a test only on WLAN2 (Which is the SR9 card). I would like to do this with some sort of QUEUE on the AP itself. The only reason I’m asking is my network expert is at the Poland MUM.
Any help is appreciated. BTW, all my clients run a P2P Queue, but I’m suspecting some sort of an issue with the queues since I mass upgraded my clients and AP to 3.2.
If your router is enabled for DNS (“Allow remote requests”), your router is vulnerable to DoS attacks from all sides, UNLESS you have a deliberate firewall rule to drop all TCP and UDP port 53 traffic on your external interface(s).
On all my routers, especially ones exposed to the Internet, I have two firewall filter rules, one to block UDP:53 and one for TCP:53.
I would go further and advise you block all ports, except ones you really want. You could accomplish this by creating ALLOW rules for all the valid ports, and finally a REJECT ALL INBOUND (NOTE: for the external interface) traffic.
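The rule set described in the reply above, written out as RouterOS filter rules. This is an added example, not part of the original post; the interface name `ether1`, the management subnet `192.0.2.0/24` and the choice of SSH and Winbox as the allowed services are assumptions to replace with your own values.

```routeros
# Added example. Assumptions: ether1 is the external (Internet-facing)
# interface and 192.0.2.0/24 is a constructed management subnet.
# Rules are evaluated top to bottom and the first match wins, so order matters.
# Everything here is in chain=input, which covers traffic addressed to the
# router itself. Client traffic routed through the router is handled by
# chain=forward and is not touched by these rules.
/ip firewall filter

# Replies to connections the router itself opened (for example its own
# upstream DNS lookups) must be accepted before any drop rule.
# Written as two rules so it also works on releases where
# connection-state takes a single value.
add chain=input connection-state=established action=accept \
    comment="replies to router-originated traffic"
add chain=input connection-state=related action=accept \
    comment="related traffic (e.g. ICMP errors)"

# The two DNS rules from the post: with "Allow remote requests" enabled,
# keep outside hosts away from the resolver on both transports.
add chain=input in-interface=ether1 protocol=udp dst-port=53 action=drop \
    comment="no DNS over UDP from outside"
add chain=input in-interface=ether1 protocol=tcp dst-port=53 action=drop \
    comment="no DNS over TCP from outside"

# ALLOW rules for the services you really want reachable from outside.
add chain=input in-interface=ether1 protocol=icmp action=accept \
    comment="ping and path MTU discovery"
add chain=input in-interface=ether1 protocol=tcp dst-port=22,8291 \
    src-address=192.0.2.0/24 action=accept \
    comment="SSH and Winbox from the management subnet only"

# Final catch-all for the external interface. action=drop discards silently;
# action=reject, as named in the post, answers with an ICMP error instead.
add chain=input in-interface=ether1 action=drop \
    comment="drop all other inbound on the external interface"
```

Apply it from a session that the accept rules cover (or use Safe Mode), and check the per-rule counters with `/ip firewall filter print stats` to confirm the DNS drop rules are the ones matching.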
I did yesterday and almost 100+ tickets started coming in asking for internet blocked, website not working, game not working, IPSEC not working, bla bla.