Can someone tell me what sent my WAN down?

Sechorda · October 6, 2024, 11:35pm

I got spammed with some log messages which knocked me offline briefly. Can anyone tell me what happened?

specifically the permission denied errors?

network.interface notify_proto { "action": 0, "link-up": false, "keep": false, "interface": "wan" } (Permission denied)

Sun Oct  6 15:14:59 2024 kern.warn kernel: [1142025.692516] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:14:59 2024 kern.warn kernel: [1142025.718086] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:08 2024 kern.warn kernel: [1142035.238175] net_ratelimit: 20 callbacks suppressed
Sun Oct  6 15:15:08 2024 kern.warn kernel: [1142035.238214] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:09 2024 kern.warn kernel: [1142035.702997] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:09 2024 kern.warn kernel: [1142035.784531] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:09 2024 kern.warn kernel: [1142035.787390] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:09 2024 kern.warn kernel: [1142036.086859] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:09 2024 kern.warn kernel: [1142036.158899] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:10 2024 kern.warn kernel: [1142037.600258] nf_conntrack: nf_conntrack: table full, dropping packet
Sun Oct  6 15:15:10 2024 kern.warn kernel: [1142037.613800] nf_conntrack: nf_conntrack: table full, dropping packet

Sun Oct  6 18:29:10 2024 daemon.notice netifd: Interface 'wan' is disabled
Sun Oct  6 18:29:10 2024 kern.info kernel: [1153677.403634] mtk_soc_eth 1e100000.ethernet eth0: Link is Down
Sun Oct  6 18:29:10 2024 daemon.warn dnsmasq[1]: no servers found in /tmp/resolv.conf.d/resolv.conf.auto, will retry
Sun Oct  6 18:29:10 2024 daemon.notice netifd: Network device 'eth0' link is down
Sun Oct  6 18:29:10 2024 daemon.notice netifd: Interface 'wan' has link connectivity loss
Sun Oct  6 18:29:10 2024 daemon.notice netifd: wan (3264): udhcpc: received SIGTERM
Sun Oct  6 18:29:10 2024 daemon.notice netifd: wan (3264): udhcpc: unicasting a release of xxxxx to xxxx
Sun Oct  6 18:29:10 2024 daemon.notice netifd: wan (3264): udhcpc: sending release
Sun Oct  6 18:29:10 2024 daemon.notice netifd: wan (3264): udhcpc: connect: Network unreachable
Sun Oct  6 18:29:10 2024 daemon.notice netifd: wan (3264): udhcpc: entering released state
Sun Oct  6 18:29:10 2024 daemon.notice netifd: wan (3264): Command failed: ubus call network.interface notify_proto { "action": 0, "link-up": false, "keep": false, "interface": "wan" } (Permission denied)
Sun Oct  6 18:29:10 2024 daemon.notice netifd: Interface 'wan' is now down
Sun Oct  6 18:29:10 2024 kern.info kernel: [1153677.529880] mtk_soc_eth 1e100000.ethernet eth0: PHY [mdio-bus:00] driver [MediaTek MT7530 PHY] (irq=POLL)
Sun Oct  6 18:29:10 2024 kern.info kernel: [1153677.549447] mtk_soc_eth 1e100000.ethernet eth0: configuring for phy/rgmii link mode
Sun Oct  6 18:29:10 2024 daemon.notice netifd: Interface 'wan' is enabled
Sun Oct  6 18:29:12 2024 daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Sun Oct  6 18:29:12 2024 daemon.info dnsmasq[1]: started, version 2.90 cachesize 1000
Sun Oct  6 18:29:12 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Sun Oct  6 18:29:12 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-nftset no-auth no-cryptohash no-DNSSEC no-ID loop-detect inotify dumpfile
Sun Oct  6 18:29:12 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus

brada4 · October 7, 2024, 4:50am

Do you play competitive online games and run gameservers?

brada4 · October 7, 2024, 4:51am

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall

xize · October 7, 2024, 7:52am

From what i read i suspect it to be a network loop often a cause by a misconfiguration or bad switch looping the network.

but configurations are needed, also what is connected to wan?

Sechorda · October 7, 2024, 11:20am

I was doing some legal/authorized network scanning involving DNS. I suspect this was the cause.

I found this solution to increase load thresholds. My device has plenty of memory and storage so i'll try this out...

github.com/openwrt/openwrt

FS#3042 - nf_conntrack: nf_conntrack: table full, dropping packet

opened 11:55AM - 23 Apr 20 UTC

closed 11:07AM - 25 Apr 20 UTC

openwrt-bot

flyspray

*ksten:* Model: TP-Link Archer C7 v2 Firmware: OpenWrt 19.07.2 r10947-65030d81…f3 / LuCI openwrt-19.07 branch git-20.057.55219-13dd17f I did a fresh reinstall of everything when I switched to 19.07 so that I wouldn't have any lingering issues from an upgrade. The only configuration I've done is to turn on wifi and change the subnet to 192.168.111. The router runs fine for a few days, but then starts dropping packets, then nothing can communicate anymore until I reboot it. [ 158.885596] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.897353] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.904226] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.910741] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.919074] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.925539] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.932419] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.938881] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.945360] nf_conntrack: nf_conntrack: table full, dropping packet [ 158.951771] nf_conntrack: nf_conntrack: table full, dropping packet [ 163.895910] net_ratelimit: 3381 callbacks suppressed

You need to finetune generic default values /etc/sysctl.d/11-nf-conntrack.conf to match your use case/load.|

system · October 17, 2024, 11:21am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.