Community discussions

 
geraldv
just joined
Topic Author
Posts: 4
Joined: Mon Nov 12, 2012 11:44 pm

Help .. Routerboard generating own traffic on internet side

Tue Nov 13, 2012 12:11 am

Hi All

Apologies if I have posted incorrectly, I am a noobie.

I am using a RB405G on OS 5.16 .. A dealer supplied and configured it.

We are experiencing a strange traffic phenomenon several times a day only on the external network side.
The router just starts sending and receiving traffic continuosly on the external side only. Coupled with this is cpu at +50% usage.
It gets so bad that normal internet use slows down to a dribble. I have unplugged the internal side of the network and it continues like this.
I have to disconnect the internet side and leave for a few minutes and reconnect, then everything returns to normal again.
This is resulting in incredibly high internet bandwidth usage been reported by my ISP.
There is a huge usage stat difference seen between the internal port and the external port. With the external port been +30% higher than internal side.
In last 30days internal = 200Gig / External =300Gig.

With internal side disconnected the RB firewall still shows many active connections sending and receiving at a high rate.

Anybody got any suggestions how to sort this out?

Thanks in advance.
 
regardtv
Frequent Visitor
Frequent Visitor
Posts: 72
Joined: Sat Jan 21, 2006 6:54 pm
Location: Johannesburg, South Africa
Contact:

Re: Help .. Routerboard generating own traffic on internet s

Thu Nov 15, 2012 12:44 am

I'd suggest you see if you have "/ip proxy" enabled - if you do, firewall it so only your interal IPs can get to it.
~If I helped please give me Karma - its free after all~
I make these posts in my personal capacity.
 
User avatar
NAB
Trainer
Trainer
Posts: 503
Joined: Tue Feb 10, 2009 4:08 pm
Location: UK
Contact:

Re: Help .. Routerboard generating own traffic on internet s

Thu Nov 15, 2012 1:32 am

I'd suggest you see if you have "/ip proxy" enabled - if you do, firewall it so only your interal IPs can get to it.
Likewise, check you don't have an open DNS resolver (may be being used for an amplification attack).
Nicholas Barnes BSc(hons)
Certified Mikrotik Consultant
Certified Mikrotik Trainer

Vitell - Asterisk, Linux and network consultants
Unofficial IRC channel: #routerboard on irc.z.je

Who is online

Users browsing this forum: MSN [Bot] and 61 guests