Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[dsfcom]

I've begun logging on this router with HW version A1 and FW version 1.04; trying to interpret the log results and having little luck.  Every two minutes the following entries are made:

10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:5555 TCP is redirected to internal 192.168.1.10:5555 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:3074 UDP is redirected to internal 192.168.1.10:3074 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:61349 UDP is redirected to internal 192.168.1.10:61349 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:59025 UDP is redirected to internal 192.168.1.10:59025 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:62487 UDP is redirected to internal 192.168.1.10:62487 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:60982 UDP is redirected to internal 192.168.1.10:60982 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:52352 UDP is redirected to internal 192.168.1.10:52352 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:52099 UDP is redirected to internal 192.168.1.10:52099 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:56447 UDP is redirected to internal 192.168.1.10:56447 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:65137 UDP is redirected to internal 192.168.1.10:65137 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:55049 UDP is redirected to internal 192.168.1.10:55049 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:55456 UDP is redirected to internal 192.168.1.10:55456 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:60483 UDP is redirected to internal 192.168.1.10:60483 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:62151 UDP is redirected to internal 192.168.1.10:62151 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:54018 UDP is redirected to internal 192.168.1.10:54018 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:65273 UDP is redirected to internal 192.168.1.10:65273 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:53983 UDP is redirected to internal 192.168.1.10:53983 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:53291 UDP is redirected to internal 192.168.1.10:53291 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:61313 UDP is redirected to internal 192.168.1.10:61313 (duration=604800)
10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:8080 TCP is redirected to internal 192.168.1.10:8080 (duration=604800)

These entries show what appears to be traffic from my modem's external IP (masked) to my router at 192.168.1.10.  These IPs are familiar to me so that is not my concern.  What I do not understand is the reason for such traffic via so many different ports.

Also showing up one minute in between the entries shown above is this:

10/11/2013 23:29   Local7.Debug   192.168.2.2   Drop UDP packet (src:192.168.2.2/5353, dst:224.0.0.251/5353) by MAC filtering rule(s).

I am quite new to logging and attempted to search this forum as well as many Google results with no luck.  If someone is familiar with this type of traffic or might shed some light it would be much appreciated.

Don

[FurryNutz]

Link>

Welcome!

• What region are you located?
• Are you wired or wireless connected to the router?
• Has a Factory Reset been performed?
• Was a Factory Reset performed before and after any firmware updates then set up from scratch?
• Was this happening before any firmware updates?

Whats the device at 192.168.0.10?

Internet Service Provider and Modem Configurations

• What ISP Service do you have? Cable or DSL?
• What ISP Modem Mfr. and model # do you have?
• What ISP Modem service link speeds UP and Down do you have?
• Check ISP MTU requirements, Cable is usually 1500, DSL is around 1492 down to 1472. Call the ISP and ask. Link>Checking MTU Values
• For DSL/PPPoE connections on the router, ensure that "Always ON" option is enabled.

Router and Wired Configurations
Some things to try: - Log into the routers web page at 192.168.0.1. Use IE, Opera or FF to manage the router.

• Turn off ALL QoS or Disable Traffic Shaping (DIR only) GameFuel (DGL only and if ON.) options, Advanced/QoS or Gamefuel.
• Turn off Advanced DNS Services if you have this option under Setup/Internet/Manual or under Setup/PARENTAL CONTROL/Set to>None: Static IP or Obtain Automatically From ISP.
• Enable Use Unicasting (compatibility for some ISP DHCP Servers) under Setup/Internet/Manual.
• Turn on DNS Relay under Setup/Networking. Link>Finding Faster DNS Addresses using Name Bench
• Setup DHCP reserved IP addresses for all devices ON the router. Setup/Networking. This ensures each devices gets its own IP address when turned on and connected, eliminates IP address conflicts and helps in troubleshooting.
• Ensure devices are set to auto obtain an IP address.
• If IPv6 is an option on the router, select Local Connection Only or Disable IPv6 options under Setup/IPv6.
• Set Firewall settings to Endpoint Independent for TCP and UDP under Advanced/Firewall. Enable or Disable SPI to test.
• Enable uPnP and Multi-cast Streaming under Advanced/Networking. Disable uPnP for testing Port Forwarding rules. Enable IPv6 Multi-cast Streaming for routers that have a Media Server option. Disable IPv6 Multi-cast Streaming if IPv6 or Media Server is not being used.
• Turn off WISH, and WPS under Advanced.
• WAN Port Speed set to Auto or specific speed? Some newer ISP modems support 1000Mb so manually setting to Gb speeds can be supported by the router. Advanced/Advanced Networking/WAN Port Speed
• Set current Time Zone, Date and Time. Use an NTP Server feature. Tools/Time.

[dsfcom]

Please see answers within below quote.  Most of this does not appear to be relevant to the original question.  I am simply looking for information regarding how to interpret the log entries.  Internally, my modem is at 192.168.1.1 and the router at 192.168.2.2.  However, the modem sees the router at 192.168.1.10.

Thank you again for any additional information regarding the logs.

Welcome!

• What region are you located? -Germany-
• Are you wired or wireless connected to the router? - Wireless (router to laptop) / Wired (router to modem) -
• Has a Factory Reset been performed? - Not Recently (August, 2013) -
• Was a Factory Reset performed before and after any firmware updates then set up from scratch? - Factory reset was performed after last update to 1.04 (updated in August, 2013) then set up from scratch -
• Was this happening before any firmware updates? - No (logs were not enabled until recently) -

Whats the device at 192.168.0.10?  - There is no device at this IP; believe you meant 192.168.1.10; this is how the modem sees the router. -

Internet Service Provider and Modem Configurations

• What ISP Service do you have? Cable or DSL? - Cable (Kabel Deutschland) -
• What ISP Modem Mfr. and model # do you have? - Hitron CVE-30360 -
• What ISP Modem service link speeds UP and Down do you have? - UP = ~1.95 Mbps / DOWN = ~18.87 Mbps (as read via WLAN from laptop at Speedtest) -
• Check ISP MTU requirements, Cable is usually 1500, DSL is around 1492 down to 1472. Call the ISP and ask. Checking MTU Values - Unsure. -
• For DSL/PPPoE connections on the router, ensure that "Always ON" option is enabled. - Don't know what this is; would be set to default router setting. -

Router and Wired Configurations
Some things to try: - Log into the routers web page at 192.168.0.1. Use IE, Opera or FF to manage the router.

• Turn off ALL QoS or Disable Traffic Shaping (DIR only) GameFuel (DGL only and if ON.) options, Advanced/QoS or Gamefuel. - QoS already disabled. -
• Turn off Advanced DNS Services if you have this option under Setup/Internet/Manual or under Setup/PARENTAL CONTROL/Set to>None: Static IP or Obtain Automatically From ISP. - Already set to prescribed setting. -
• Enable Use Unicasting (compatibility for some ISP DHCP Servers) under Setup/Internet/Manual. - Done. -
• Turn on DNS Relay under Setup/Networking. Finding Faster DNS Addresses using Name Bench - Already enabled. -
• Setup DHCP reserved IP addresses for all devices ON the router. Setup/Networking. This ensures each devices gets its own IP address when turned on and connected, eliminates IP address conflicts and helps in troubleshooting. - Already set up. -
• Ensure devices are set to auto obtain an IP address. - Already set up. -
• If IPv6 is an option on the router, select Local Connection Only or Disable IPv6 options under Setup/IPv6. - Already set to prescribed setting. -
• Set Firewall settings to Endpoint Independent for TCP and UDP under Advanced/Firewall. Enable or Disable SPI to test. - Done. -
• Enable uPnP and Multi-cast Streaming under Advanced/Networking. Disable uPnP for testing Port Forwarding rules. Enable IPv6 Multi-cast Streaming for routers that have a Media Server option. Disable IPv6 Multi-cast Streaming if IPv6 or Media Server is not being used. - UPnP already enabled; enabled IPv4 multicast; IPv6 multicast already disabled. -
• Turn off WISH, and WPS under Advanced. - Do not see these options. -
• WAN Port Speed set to Auto or specific speed? Some newer ISP modems support 1000Mb so manually setting to Gb speeds can be supported by the router. Advanced/Advanced Networking/WAN Port Speed - Auto. -
• Set current Time Zone, Date and Time. Use an NTP Server feature. Tools/Time. - Already set to prescribed setting. -

[/list]

[FurryNutz]

Thats because the router is getting it's WAN side IP address from the ISP modem.

• If this modem has a built in router, it's best to bridge the modem. Having 2 routers on the same line can cause connection problems: Link>Double NAT and How NAT Works. If the modem can't be bridged then see if the modem has a DMZ option and input the IP address the router gets from the modem and put that into the modems DMZ.

[dsfcom]

I am sorry but the original question remains.  I am not having connection problems and the modem/router is communicating nicely with the second router.  What I don't understand (going back to the log entries) is the external ISP IP communicating with the second router.  If it where 192.168.1.1 ==> 192.168.1.10 I would understand but it's the external IP that appears to be sending traffic to the second router via several ports every couple of minutes.

[FurryNutz]

Maybe the behavior of the interaction between the riuter and modem...

[dsfcom]

Ok thanks.  Is there a good source for D-Link log messages?  I'm looking for syntax and other information.  For example, take below entry:

10/11/2013 23:32   Local7.Debug   192.168.2.2   external xx.xx.xx.xx:5555 TCP is redirected to internal 192.168.1.10:5555 (duration=604800)

What does "Local7.Debug" mean?  And the other text?

[FurryNutz]

Most of the logging information is at diagnostic level meant for engineers and support personnel at DLink and isn't posted or made public. You would have to phone DLink to see if they would give you information on any particular log entry if you are exhibiting a problem. If your not then I wouldn't worry about it.