  1. #1
    Untangler
    Join Date
    Apr 2010
    Posts
    50

    Untangle sending 10k pps over public networks when external is looking for DHCP.

    I have been setting up Untangle on my ESXi server that is colocated in a datacenter. I've run into some issues where the public IPs I assigned didn't take right away and the Untangle box began spamming the network with 10k pps and took other servers on the same switch down. It basically acted like a DoS.


    Has anyone else seen this before?


    My solution has been to keep all interfaces looking at an isolated vSwitch until configured, then point the public port at the internet after it's configured, test, and if it fails, point it back to prevent the DoS.

    Any ideas on how to prevent Untangle from going DoS like this? It's causing problems for me as well as my host.

    Thanks

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747


    Originally posted by Archness:
    Has anyone else seen this before?

    Yes, configure any two interfaces as a bridge, plug them into the same switch.

    More information here:
    https://www.youtube.com/watch?v=jyaLZHiJJnE
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    Apr 2010
    Posts
    50


    Except that only one port was aimed at the public per Untangle VM on the server (two Untangles). I'm setting up multiple Untangle VMs on the same server to create isolated networks for two different projects. Does this mean that turning on two at the same time will cause a DoS?

  4. #4
    Master Untangler
    Join Date
    Oct 2008
    Posts
    913


    Sounds like a broadcast storm to me. That happens when you have the NICs plugged into the same switch with no logical separation of the networks.

    Sent from my Galaxy Nexus

  5. #5
    Untangler
    Join Date
    Apr 2010
    Posts
    50


    Public Switch in ESXi>

    Public IP ending in .154> Untangle 1> 172.16.30.x > AD and other servers for net 1 (each net has its own switch)
    Public IP ending in .167> Untangle 2> 172.16.20.x > Servers for net 2 (each net has its own switch)

  6. #6
    Untangler
    Join Date
    Apr 2010
    Posts
    50


    BTW, thanks for the responses guys.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,959


    I'm not sure what the additional information is for, or even if you're still stuck. But the suggested reaction of Untangle is quite literally the only condition upon which Untangle will do this.

    Take a patch cord and plug it into the same switch twice without spanning tree enabled, and you'll see the same result.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangler
    Join Date
    Apr 2010
    Posts
    50


    Right, I understand that. But I've only got one interface looking public on each UTM when this happens. But both UTMs connect to the same switch....

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,959


    Which means you have created a loop in your switching. That's what everyone here is trying to get at. Virtual networking isn't easy; something is miswired where you think it isn't.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
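
The loop condition described in posts #2, #4 and #7, as an added example that is not part of the original thread: a Python check that treats each vSwitch as a broadcast domain and each bridged VM as a link between domains, and reports any bridge that closes a loop. The inventory format and all VM and vSwitch names are assumptions made for illustration.

```python
# Added example; every VM and vSwitch name here is constructed sample data.

def find_l2_loops(bridges):
    """Return the bridge links that close a layer-2 loop.

    bridges: list of (vm_name, [segment each *bridged* NIC attaches to]).
    Routed NICs do not forward broadcasts, so they are left out of the list.
    """
    parent = {}

    def find(seg):
        # Union-find root lookup with path halving.
        parent.setdefault(seg, seg)
        while parent[seg] != seg:
            parent[seg] = parent[parent[seg]]
            seg = parent[seg]
        return seg

    loops = []
    for vm, segments in bridges:
        # A bridge over N ports acts like N-1 links from its first port.
        for other in segments[1:]:
            a, b = find(segments[0]), find(other)
            if a == b:
                # Both ports already share a broadcast domain: frames circulate.
                loops.append((vm, segments[0], other))
            else:
                parent[a] = b
    return loops


# Routed layout as drawn in post #5: no bridged NICs, so nothing to loop.
ROUTED = [("untangle1", []), ("untangle2", [])]
# Two bridged NICs of one VM on the same switch (the case from post #2).
SAME_SWITCH = [("untangle1", ["vswitch-public", "vswitch-public"])]
# Two VMs each bridging the same pair of switches (hypothetical miswiring).
TWO_VMS = [("untangle1", ["vswitch-public", "vswitch-lab"]),
           ("untangle2", ["vswitch-public", "vswitch-lab"])]

if __name__ == "__main__":
    for name, inv in [("routed", ROUTED), ("same switch", SAME_SWITCH),
                      ("two VMs", TWO_VMS)]:
        print(name, "->", find_l2_loops(inv) or "no loop")
```

Filling the inventory from the actual port-group assignments of each VM NIC, rather than from the intended design, is what exposes a miswired interface.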
