DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

QoS Indicator - specifically on 2710N - but no doubt much the same for all !

  • ambrougham
  • Topic Author
  • Offline
  • New Member
  • New Member
More
19 Nov 2024 13:22 #104180 by ambrougham
[justify]Hi

I am using several Vigor 2710N routers ... and as I can hear the soapbox being dragged out as I type, yes I am well aware just how old, cranky, bug-ridden and insecure etc. they no doubt are. One is being used entirely as expected on an ADSL2+ line and has been for donkey's years now. No apparent issues at all with excellent stability and stats etc. The others are just being used as switches and wireless APs at the end of a CAT5 cable. They just sit there doing their thing on the LAN whilst constantly rebooting the modem etc. because nothing ever seems to stop it from continually trying to connect to the non-existent ADSL line !

Generally speaking all is well apart from the fact I've been suffering persistent and often severe WIFI abuse and hacking attempts from neighbours for even longer than I've had this set-up. Syslog is being used in all cases and historically all attempted abuse is therefore not only obvious but so is confirmation that the abuse attempts failed to achieve anything other than provide significant nuisance value.

However, after a quite lengthy lull, persistent abuse is definitely back once again but this time it seems to be different to previously. I'm not seeing anything of any consequence in the syslog. Just strange and unexplained weirdness, including strange things showing on a long-standing thinkbroadband.com Quality Monitor which I set up donkey's years ago and has been running ever since.

I have a question about Vigor QoS and the indicator LED on the unit.

All the 2710s are set up identically apart from IP and SSIDs of course. Anything other than 'basic' stuff is intentionally disabled including everything in the general "Bandwidth Management" section which includes QoS. I've also checked via telnet in case there are options/settings hidden in the web interface:

> qos setup -V
 List WAN1 QoS general setting
 QOS mode is disable
 class 1 ratio is 25
 class 2 ratio is 25
 class 3 ratio is 25
 other ratio is 25
 udp bandwidth control is disable
 Outbound TCP ACK Prioritize is disable
>


In general, the QoS LEDs have always been permanently OFF in all cases all of the time. I've only ever seen it illuminate during a reboot when all LEDS tend to flash at least once. Possibly in TFTP mode as well but I can't remember for sure. HOWEVER, one of the several switch/AP 2710's has just started periodically flashing the QoS LED. This is not happening on any of the others. All settings are correct and rebooting makes no difference. I haven't tried re-flashing the existing most recent firmware ... yet !

What I really need to establish here is exactly what the QoS LED is supposed to indicate. Then find out why 1 unit has started briefly flashing the LED at seemingly random occasions and for a seemingly random number of times on each occasion. It's typically just 1 very short flash every few minutes. Sometimes more frequently. Sometimes several very short flashes. All very random.

Does anyone know for certain how the QoS indicator should behave and under what circumstances it is actually turned on ?

The spec and manual data seems to imply that it only relates to the WAN interface traffic which, of course, isn't being used on the switch/AP 2710s.

The only possibility that I can see is that I've set a "Rate Control" on some SSIDs. Whilst there is absolutely no evidence of any valid functional connection (or even an attempted connection) to those SSIDs, is it perhaps possible that random data abuse targeted at the relevant SSID MAC is triggering the Rate Limit which then flashes the QoS LED ?

Otherwise I'm at a complete loss to explain the QoS flashes ... but I'm totally convinced that it's down to WIFI abuse because of when it started and other stuff going on despite syslog data being entirely as expected and showing nothing even remotely strange.

In case it's relevant, all my incoming WIFI abuse appears to be being targeted at MACs and not SSIDs. Whether SSIDs are hidden or otherwise and what they're actually called is completely irrelevant. Someone appears to have been sniffing the ether and grabbing MACs to abuse for whatever sad reason they might have for doing so ! Any shiny new device is abuse-free for a while until it apparently get noticed and added to the list :rolleyes:

Any info, pointers or suggestions would be very much appreciated :)
[/justify]

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami