Network Loops with Sonos? (received packet on eth1.1 with own address as source address)

Hey there,
I'm using OpenWRT for quite a while now. It's an awesome OS with lots of features.
The following network setup is present:

OpenWrt 21.02.0-rc2 r16122-c2139eef27 / LuCI openwrt-21.02 branch git-21.151.34805-8e14a08

  • VLAN 1 : LAN (Only Wired Devices, Including Several Sonos speakers)
  • VLAN 2 : WAN
  • VLAN 10: WIFI (All Wifi Clients, including phones)
  • VLAN 20: IOT (All Wireless IOT devices)

Sonos Configuration according to this post: Accessing Sonos from another LAN/VLAN and Sonos fully operational across VLANs (Updated Solution) - #2 by Blowfly

/etc/config/network

config interface 'loopback'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'
        option device 'lo'

config globals 'globals'
        option ula_prefix 'fdab:bb1b:df74::/48'

config interface 'lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '10.10.0.1'
        option device 'br-lan'

config interface 'wan'
        option proto 'dhcp'
        option device 'eth0.2'
        option peerdns '0'
        list dns '1.1.1.1'
        list dns '8.8.8.8'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0t 2 3 4 5'
        option vid '1'
        option description 'LAN'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '6t 1'
        option vid '2'
        option description 'WAN'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t'
        option vid '10'
        option description 'WIFI'

config interface 'wifi'
        option proto 'static'
        option netmask '255.255.255.0'
        option delegate '0'
        option ipaddr '10.10.10.1'
        option device 'br-wifi'

config interface 'iot'
        option delegate '0'
        option proto 'static'
        option netmask '255.255.255.0'
        option device 'br-iot'
        option ipaddr '10.10.20.1'

config switch_vlan
        option device 'switch0'
        option vlan '4'
        option ports '0t'
        option vid '20'
        option description 'IOT'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1.1'

config device
        option name 'br-wifi'
        option type 'bridge'
        list ports 'eth1.10'

config device
        option name 'br-iot'
        option type 'bridge'
        list ports 'eth1.20'

To be able to use SONOS from a different VLAN (Phones in VLAN 10, Sonos in VLAN 1) i had to create several firewall rules, and installed mcproxy for MDNS.

/etc/config/mcproxy

config mcproxy 'mcproxy_file'
        option disabled '1'
        option respawn '1'
        option file '/etc/mcproxy.conf'

config mcproxy 'mcproxy'
        option disabled '0'
        option respawn '1'
        option protocol 'IGMPv3'

config instance
        option disabled '0'
        option name 'Sonos to Wifi'
        list upstream 'br-lan'
        list downstream 'br-wifi'

config instance
        option disabled '0'
        option name 'Wifi to Sonos'
        list upstream 'br-wifi'
        list downstream 'br-lan'

/etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

config zone
        option network 'wifi'
        option input 'ACCEPT'
        option name 'wifi'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan'

config zone
        option network 'iot'
        option name 'iot'
        option output 'ACCEPT'
        option input 'REJECT'
        option forward 'ACCEPT'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

config forwarding
        option dest 'wan'
        option src 'wifi'

config forwarding
        option dest 'iot'
        option src 'lan'

config rule
        option src 'iot'
        option target 'ACCEPT'
        option family 'ipv4'
        option dest_port '53 67 68'
        list proto 'tcp'
        list proto 'udp'
        option name 'IoT DHCP, DNS'

config forwarding
        option dest 'lan'
        option src 'wifi'

config forwarding
        option dest 'iot'
        option src 'wifi'

config rule
        option name 'Forward Sonos Traffic from wifi'
        option family 'ipv4'
        option src 'wifi'
        option dest 'lan'
        list dest_ip '10.10.0.4'
        list dest_ip '10.10.0.150'
        list dest_ip '10.10.0.151'
        list dest_ip '10.10.0.152'
        list dest_ip '10.10.0.153'
        list dest_ip '10.10.0.154'
        option target 'ACCEPT'

config rule
        option name 'Sonos reply to wifi TCP'
        option family 'ipv4'
        list proto 'tcp'
        option src 'lan'
        list src_ip '10.10.0.4'
        list src_ip '10.10.0.150'
        list src_ip '10.10.0.151'
        list src_ip '10.10.0.152'
        list src_ip '10.10.0.153'
        list src_ip '10.10.0.154'
        option dest 'wifi'
        option target 'ACCEPT'
        option dest_port '445 554 1400 1443 3400 3401 3405 3445 3500 3501 3689 4070 4444 5297 5298'

config rule
        option name 'Sonos reply to wifi UDP'
        option family 'ipv4'
        list proto 'udp'
        option src 'lan'
        list src_ip '10.10.0.4'
        list src_ip '10.10.0.150'
        list src_ip '10.10.0.151'
        list src_ip '10.10.0.152'
        list src_ip '10.10.0.153'
        list src_ip '10.10.0.154'
        option dest 'wifi'
        option dest_port '136-139 554 1900-1905 5353 6969 30000-65535'
        option target 'ACCEPT'

config rule
        option name 'allow mDNS in LAN'
        option family 'ipv4'
        list proto 'udp'
        option src 'lan'
        option src_port '5353'
        list dest_ip '224.0.0.251'
        option dest_port '5353'
        option target 'ACCEPT'

config rule
        option name 'allow mDNS in wifi'
        option family 'ipv4'
        list proto 'udp'
        option src 'wifi'
        list dest_ip '224.0.0.251'
        option dest_port '5353'
        option target 'ACCEPT'

config forwarding
        option src 'iot'
        option dest 'wan'

config rule
        option name 'allow mDNS in IoT'
        option src 'iot'
        list dest_ip '224.0.0.251'
        option dest_port '5353'
        option target 'ACCEPT'
        option family 'ipv4'
        list proto 'udp'

config rule
        list proto 'tcp'
        option src 'iot'
        option dest 'lan'
        option target 'ACCEPT'
        option family 'ipv4'
        option name 'MQTT IoT to HomeAssistant'
        list dest_ip '10.10.0.2'
        option dest_port '1883 1884 8883 8884'

config rule
        list proto 'tcp'
        option src 'lan'
        option dest 'iot'
        option target 'ACCEPT'
        option name 'HomeAssistant MQTT to IoT'
        list src_ip '10.10.0.2'
        option src_port '1883 1884 8883 8884'
        option dest_port '1883 1884 8883 8884'

I still expierience a lot of dropouts from Sonos speakers, delays in finding them with spotify and the app. After checking the logs, i can see this:

[5142958.641272] net_ratelimit: 18 callbacks suppressed
[5142958.641283] br-lan: received packet on eth1.1 with own address as source address (addr:18:d6:c7:53:b3:0f, vlan:0)
[5142958.657225] br-lan: received packet on eth1.1 with own address as source address (addr:18:d6:c7:53:b3:0f, vlan:0)
[5142958.695496] br-lan: received packet on eth1.1 with own address as source address (addr:18:d6:c7:53:b3:0f, vlan:0)

Based on the Forum search, this can be related to the MDNS/Multicast from the Sonos speakers?
--> Kernel Warning - Received packet with own address as source address
--> Received packet on lan1 with own address as source address
--> Igmpproxy creates many "own address as source address" entries in kernel log

The Boost (10.10.0.4) is Wired, assigned a static ip (as all of my network devices), creating a sonosNet Mesh network.

Are any of your sonos devices, other than the boost, wired? Or are they all wireless?

Hi,
all other Sonos devices are wireless. the Boost is the "gateway" for the others (which form the Sonosnet). All devices have IP's within the LAN VLAN

I asked because I used to have a Bridge (the predecessor to the Boost) AND one of the actual players connected to the network -- this configuration worked for years until they made some change that I can only guess broke their STP implementation. I had larger network issues as a function of this and when I figured out that the Bridge was responsible for the issues, I disconnected it and everything has been perfect since then.

Are you experiencing issues with any of your other network devices (dropped packets, higher latency than normal, etc.), or is it only the sonos?

I'm not sure to be honest. If i think about it more thorough, i can recall some situations where i expirience higher latencies (home assistant take ages to load dashboard, wifi camera not updating picture reliably (even tho its like 2 meters away from the AP).

Logs do not indicate anything else than shown in initial post.
I surely know that my network config is far from complete and has room for improvements.

Currently only the Boost is wired, all other speakers are connected wireless to sonosnet.

You will probably not see switching loops and/or broadcast storms reflected in any of your logs.

If you unplug your Sonos, do any of the other potential issues appear to be resolved?

What else (in general) is hardwired to your network? Are there any things that are both wired and wireless (some devices may not handle this properly -- I've seen situations where Peloton bikes can cripple a network when both interfaces are active).

1 Like

Thanks for the headsup :slight_smile: Will try it out.
Wired is:

  • HomeAssistant Server (10.10.0.2)
  • Application Server (10.10.0.3)
  • Sonos Boost (10.10.0.4)
  • Homematic IP Gateway (10.10.0.5)

Rest is wireless (seperated by VLANs)

Hi,
after disconnecting the Boost (and therefore the whole Sonos Subsystem) and restarting the Router (to have a clear kernel log), the messages disappeared.

Question now is: how to fix/identify the culprit? I would like to actually continue using my Sonos speakers :smiley:

First verify that the problem is indeed related to the Sonos -- the messages disappearing may or may not be causal with unplugging the Sonos. However, if you can test by keeping it disconnected for a period of time, then reconnecting it and observing the logs for those messages, and then disconnecting it again and hopefully seeing no further messages during the next disconnect, that will help truly identify if the Sonos is responsible or not.

Then, I'd try putting the Sonos on the same VLAN as the devices that are controlling it (so probably the VLAN associated with your wifi network). Check to see if that resolves those issues. Then, you can put it back on the other VLAN and look at your configuration as it pertains to the inter-VLAN use of the Sonos to see if there are any issues with those packages or configuration options.

i can confirm its the sonos.
Right after i plugged in the boost, the messages reappeared:

[12309.062860] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 5 is up
[12314.183042] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 5 is down
[12316.230766] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 5 is up
[12573.501133] br-lan: received packet on eth1.1 with own address as source address (addr:18:d6:c7:53:b3:0f, vlan:0)
[12573.550087] br-lan: received packet on eth1.1 with own address as source address (addr:18:d6:c7:53:b3:0f, vlan:0)

found something related:

Hi,
i think i found the solution. Somewhere i stumbled upon the recommendation, not to use bridge devices when only 1 interface is linked.

I changed the br-lan Interface to the VLAN interface and configured it accordingly:

config interface 'lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '10.10.0.1'
        option device 'eth1.1'

The issue with the error message in the logs completely went away.
I guess this topic can be closed.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.