I recently configured my 2820 to email me when it detected a DoS attack. To my surprise I got such an email this morning. The contents of the Dos log email looks pretty obvious but it seems to suggest the attacks came from the 2820, ie the IP allocated by my ISP and from some other source for which traceroute of the IP is unsuccessful. Question: how can my 2820 be attacking itself? Wise words on this would be welcome.