TCP/UDP Port Usage

Started by AmigaDude, February 27, 2011, 03:30:33 PM

Previous topic - Next topic

AmigaDude

Can anyone help to explain exactly what/who the OBi is talking to?
QuoteHardwareVersion 2.8
SoftwareVersion 1.1.0 (Build: 1892)
There are several UDP sessions that come and go, connecting to ???  
I have SP1/2 each connected to Google Voice accts, OBiTalk is disabled, and Auto Provisioning/Update is disabled.  Most everything else is at the default settings.

UDP port 10140 at ec2-204-236-134-243.us-west-1.compute.amazonaws.com
UDP port 10400 at c-24-6-183-228.hsd1.ca.comcast.net
UDP port 10000 at DHCP-167-213-caltech.edu
and gotta love this one:
UDP port 123 at you.dontlike.us  (I thought NTP was from pool.ntp.org?)

I'm guessing the 2 long running TCP ports are the GVoice connections.


sess[30891]: bkt 78, flags: 0x000081a1, proto: 17, cnt: 2528
 l: 192.168.180.210:10000, f: 204.236.134.243:10140, n: aa.bbb.xx.yyy:10000
 lnd: (51,0), fnd: (61,0)
 last used 205684, max_idle: 600

*** Nslookup [ 204.236.134.243 ] = ec2-204-236-134-243.us-west-1.compute.amazonaws.com ***

sess[40319]: bkt 78, flags: 0x000081a1, proto: 17, cnt: 2
 l: 192.168.180.210:10000, f: 24.6.183.228:10400, n: aa.bbb.xx.yyy:10000
 lnd: (51,0), fnd: (61,0)
 last used 205119, max_idle: 600

*** Nslookup [ 24.6.183.228 ] = c-24-6-183-228.hsd1.ca.comcast.net ***

sess[40490]: bkt 78, flags: 0x000001a1, proto: 17, cnt: 2
 l: 192.168.180.2:50929, f: 68.94.156.1:53, n: aa.bbb.xx.yyy:50929
 lnd: (51,0), fnd: (61,0)
 last used 205233, max_idle: 600

*** Nslookup [ 68.94.156.1 ] = AT&T DNS ***

sess[40797]: bkt 78, flags: 0x000081a1, proto: 17, cnt: 2
 l: 192.168.180.210:10000, f: 204.236.134.243:10280, n: aa.bbb.xx.yyy:10000
 lnd: (51,0), fnd: (61,0)
 last used 205436, max_idle: 600

*** Nslookup [ 204.236.134.243 ] = ec2-204-236-134-243.us-west-1.compute.amazonaws.com ***

sess[40803]: bkt 78, flags: 0x000081a1, proto: 17, cnt: 2
 l: 192.168.180.210:10000, f: 131.215.167.213:10000, n: aa.bbb.xx.yyy:10000
 lnd: (51,0), fnd: (61,0)
 last used 205595, max_idle: 600

*** Nslookup [ 131.215.167.213 ] = DHCP-167-213-caltech.edu ***

sess[40889]: bkt 57, flags: 0x000001a1, proto: 17, cnt: 2
 l: 192.168.180.210:60845, f: 97.107.128.165:123, n: aa.bbb.xx.yyy:60845
 lnd: (51,0), fnd: (61,0)
 last used 206689, max_idle: 600

*** Nslookup [ 97.107.128.165 ] = you.dontlike.us ***




sess[16101]: bkt 206, flags: 0x000001a1, proto: 6, cnt: 4133
 l: 192.168.180.210:34925, f: 74.125.47.125:5222, n: aa.bbb.xx.yyy:34925
 lnd: (51,0), fnd: (61,0)
 last used 205612, max_idle: 600
 TCP state ESTABLISHED
 TCP IN: is: 1116542421, sent: 144989, unack'd 0, mss 0, windows_scale 0
 TCP OUT: is: 474323205, sent: 179771, unack'd 0, mss 0, windows_scale 0

sess[16102]: bkt 226, flags: 0x000001a1, proto: 6, cnt: 4074
 l: 192.168.180.210:27040, f: 74.125.47.125:5222, n: aa.bbb.xx.yyy:27040
 lnd: (51,0), fnd: (61,0)
 last used 205612, max_idle: 600
 TCP state ESTABLISHED
 TCP IN: is: 1597878269, sent: 135072, unack'd 0, mss 0, windows_scale 0
 TCP OUT: is: 1242213986, sent: 179277, unack'd 0, mss 0, windows_scale 0
*** Nslookup [ 74.125.47.125 ] = yw-in-f125.1e100.net ***


AmigaDude

 :) Well it appears that I found a solution to the numerous UDP connections. 

Using the device config, I had to ENABLE OBiTALK Service, Reboot to ensure it stuck, then DISABLE OBiTALK Service and finally Reboot.

Now I only show 1 occasional UDP connection to DNS, and 2 TCP connections - to Google Voice I presume, since I have SP1 and SP2 setup that way.

Only an educated guess, but it looks like we need a better way to force a reload of the config settings after a firmware upgrade.