D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-655 => Topic started by: TheTamagoko on June 10, 2011, 05:13:06 AM

Title: Abusive Port Scans Choking Connection
Post by: TheTamagoko on June 10, 2011, 05:13:06 AM
I have tracked about 7 unique IPs originating from China where these scans for accesses to my network are causing 2-10 secs of downtime in realtime gaming. Never had this problem when I was using Firmware 1.34NA. Stuck with 1.35NA and it's causing lots of eyesores even though Wifi has been great with my laptop and phone for N/G. I only keep my main PC on and my 2 fileservers are offline until I need to start archiving data or fetch something from them. Wifi is disabled until I need my laptop and phone. I personally had my ISP do an in-house checkup and fixed some splitter issues and a new coax cable so signal issue is fine. Motorola 6120 Cable modem. Was pushed to contact my ISP Abuse group to figure this out but it might be a lingering issue for a while. So WHAT THE HECK CAN I DO!? All my primary games, Starcraft 2, Counter-Strike:Source, Battlefield Bad Company 2, experience a lag spike and I tend to get kicked off the battle.net network and BBC2 servers. This never occurred until these scans choke the router.

[INFO]   Fri Jun 10 04:58:47 2011   Blocked incoming TCP connection request from 221.1.220.185:12200 to 68.3.171.14:9415
[INFO]   Fri Jun 10 04:58:47 2011   Blocked incoming TCP connection request from 221.1.220.185:12200 to 68.3.171.14:2301
[INFO]   Fri Jun 10 04:57:05 2011   Blocked incoming TCP connection request from 111.221.99.64:12200 to 68.3.171.14:27977
[INFO]   Fri Jun 10 04:56:57 2011   Blocked incoming TCP connection request from 58.218.199.227:12200 to 68.3.171.14:7212
[INFO]   Fri Jun 10 04:56:57 2011   Blocked incoming TCP connection request from 58.218.199.227:12200 to 68.3.171.14:8008
[INFO]   Fri Jun 10 04:56:57 2011   Blocked incoming TCP connection request from 58.218.199.227:12200 to 68.3.171.14:8090
[INFO]   Fri Jun 10 04:51:35 2011   Blocked incoming TCP connection request from 221.1.220.185:12200 to 68.3.171.14:27977
Title: Re: Abusive Port Scans Choking Connection
Post by: FurryNutz on June 10, 2011, 02:11:59 PM
Try putting in a rule for a broad range of those IP addresses into the router's Inbound Filter rule.
Make sure they are nothing that you use first. If they're not, then give it a try. Might help.
Might ask your ISP if they can help do anything as well.

The router is doing its job by blocking them; however, it might be getting overworked in having to handle a ton of these if it seems to be getting scans like this.

I might also set up a Reserved IP address for the device that you game on, on the router, and set up a QoS rule for it.
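Added example, not part of the original posts: a Python sketch that groups the "Blocked incoming TCP connection request" entries of a router log like the one in the first post by source /24 and reports each group as a start-end range with its hit count, source addresses and probed ports, so a range can be checked against addresses you actually use before it goes into an Inbound Filter rule. The sample log is constructed with documentation addresses; the name `summarize` and the /24 grouping are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_network

# Line format as shown in the first post's router log (TCP entries only).
LINE_RE = re.compile(
    r"\[INFO\]\s+(?P<ts>\w{3} \w{3} +\d+ [\d:]{8} \d{4})\s+"
    r"Blocked incoming TCP connection request from "
    r"(?P<src>[\d.]+):\d+ to [\d.]+:(?P<dport>\d+)"
)

# Constructed sample log (documentation address ranges, not the thread's IPs).
SAMPLE_LOG = """\
[INFO]   Fri Jun 10 04:58:47 2011   Blocked incoming TCP connection request from 203.0.113.185:12200 to 192.0.2.14:9415
[INFO]   Fri Jun 10 04:57:05 2011   Blocked incoming TCP connection request from 198.51.100.64:12200 to 192.0.2.14:27977
[INFO]   Fri Jun 10 04:56:57 2011   Blocked incoming TCP connection request from 203.0.113.20:12200 to 192.0.2.14:8008
an unrelated line that the parser must skip
[INFO]   Fri Jun 10 04:51:35 2011   Blocked incoming TCP connection request from 203.0.113.185:12200 to 192.0.2.14:27977
"""

def summarize(log_text, prefix=24):
    """Group blocked probes by source network; return rows, busiest first."""
    nets = defaultdict(lambda: {"hits": 0, "sources": set(), "ports": set(), "times": []})
    for line in log_text.splitlines():
        if not (m := LINE_RE.search(line)):
            continue  # not a blocked-connection entry
        try:
            ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
            net = ip_network(f"{m['src']}/{prefix}", strict=False)
        except ValueError:
            continue  # malformed timestamp or address
        e = nets[net]
        e["hits"] += 1
        e["sources"].add(m["src"])
        e["ports"].add(int(m["dport"]))
        e["times"].append(ts)
    rows = [{
        "range": f"{net[0]}-{net[-1]}",  # start-end form for a filter rule
        "hits": e["hits"],
        "sources": sorted(e["sources"]),
        "ports": sorted(e["ports"]),
        "span_seconds": int((max(e["times"]) - min(e["times"])).total_seconds()),
    } for net, e in nets.items()]
    return sorted(rows, key=lambda r: r["hits"], reverse=True)

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```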
Title: Re: Abusive Port Scans Choking Connection
Post by: TheTamagoko on June 11, 2011, 12:55:18 AM
I did set up an Inbound filter rule to block the various IPs/range tracked from the logs. Still does not help as the router continues to choke in realtime gaming situations. I'll try setting up the QoS rules but I'm guessing it's this faulty 1.35NA on my router since the upgrade as I never had these chokes before until a few months prior. I do admire the protection but it's not increasing my fun time of limited leisure time from work and life. I stated in my first post that my ISP Abuse group has been notified and are monitoring and looking into it.

Thanks
Title: Re: Abusive Port Scans Choking Connection
Post by: FurryNutz on June 11, 2011, 08:44:54 AM
Take a look at the DGL-4500 forum for the Gaming stickies there; the UI is different, however the data can be used if you're using consoles and such. Might help you with QoS and lag issues.
Title: Re: Abusive Port Scans Choking Connection
Post by: davevt31 on June 11, 2011, 09:04:33 AM
They are already being blocked, so creating a rule isn't going to do anything for you. You are just going to have to wait until the port probers move on to another IP address, which they will do if they are unsuccessful at getting into your system. The biggest thing that would help you is if your ISP blocked those IPs on their end and you wouldn't have to see them at all.