AnsweredAssumed Answered

Cyclic series of blocked connections hanging network

Question asked by Steven Prester on Jan 31, 2019
Latest reply on Feb 4, 2019 by Steven Prester

I'm having an issue with a cyclic series of blocked connections. I'm not sure this is the right place to ask this question, or if I should even ask.  Since I'm not industry-experienced yet I use a licensed GAIA appliance on my home network without a support contract, I've never bothered anyone at this level.  However I'm at a loss as to what's happening on my network, and without some understanding, I'm not going to be able to resolve the issue. If there is a better place to ask this question please point me there.  If I'm out of line, say so.

 

I'm not necessarily asking to have the problem solved for me, but to help me understand the dynamic so I can solve it. This started happening two evenings ago where the firewall is blocking the traffic shown in the attached screenshots. At times this gets so intense it functions like a DOS attack. 


The first pic is of the blocked connections, the second is active connections, and the third is active devices on the network. 

The 100.72.0.2 is attempting to contact an IANA Root Server at 224.0.0.18, and is on the same subnet as my WAN IP (100.72.0.85).

My LAN gateway is 192.168.2.0, and 192.168.2.4 is a WD MyCloud EX2 (installed a Jan/2019 FW update yesterday after reading about vulnerabilities - nothing changed) that is using NetBIOS and getting accepted at 192.168.2.255. It's also making UDP connections to an external IP address that ICANN returns null when I run a reverse IP lookup.

The 0.0.0.0 trying to connect to 255.255.255.255 simply baffles me.

 

This 730 NGTP WiFi appliance will not operate dual-band, therefore I have my old SG640 bridged to its LAN on 192.168.2.1 so that I can utilize 2.4 MHz WiFi. Firewall and WAN are turned off on the SG640.

Outcomes