RTL960x icon indicating copy to clipboard operation
RTL960x copied to clipboard

Published 20 hours ago verified publisher icon Anime4000

Strange permanent incoming traffic from DFP-34X-2C2

Open r00tGER opened this issue 2 years ago • 9 comments

Internet works great, but I see permanent incoming traffic on SFP interface from ONU Stick, ~3...8Mbps incoming-trafic It's not a download traffic from LAN

Some samples from ONU Stick (via SSH connection):

# ifconfig -a
br0       Link encap:Ethernet  HWaddr 38:3A:21:27:E4:60
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5305 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4087 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:869079 (848.7 KiB)  TX bytes:3531796 (3.3 MiB)

eth0      Link encap:Ethernet  HWaddr 38:3A:21:27:E4:60
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5305 errors:0 dropped:0 overruns:0 frame:0
          TX packets:43263 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:869079 (848.7 KiB)  TX bytes:5412178 (5.1 MiB)
          Interrupt:26 Base address:0x2000

# flash get OMCI_OLT_MODE
OMCI_OLT_MODE=0 (Default Mode)
# flash get VLAN_CFG_TYPE
VLAN_CFG_TYPE=1 (Manual)
# flash get VLAN_MANU_MODE
VLAN_MANU_MODE=1 (Tagging Mode | VLAN Stacking / Q-in-Q)
# flash get DIRECT_BRIDGE_MODE
DIRECT_BRIDGE_MODE=1
# flash get PON_MODE
PON_MODE=1 (GPON)
# flash get PON_VENDOR_ID
PON_VENDOR_ID=OEM
# flash get FIBER_MODE
FIBER_MODE=0
# flash get DEVICE_TYPE
DEVICE_TYPE=0 (bridge)
# flash get OMCI_VEIP_SLOT_ID
OMCI_VEIP_SLOT_ID=255

Some screenshots from WEB UI: device-status pon-status vlan-settings omci-information

r00tGER avatar Nov 16 '22 12:11 r00tGER

it could be IPTV broadcast?

Anime4000 avatar Nov 16 '22 13:11 Anime4000

it could be IPTV broadcast?

Selected recommended VLAN:ID for my ISP. But, I see that there are other VLANs. I'll try to check them too.

# omcicli mib get 84
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
VlanTagFilterData
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
=================================
EntityID: 0x03
FilterTbl[0]: PRI 0,CFI 0, VID 10
FwdOp:  0x10
NumOfEntries: 1
=================================
=================================
EntityID: 0x04
FilterTbl[0]: PRI 0,CFI 0, VID 20
FwdOp:  0x10
NumOfEntries: 1
=================================
=================================
EntityID: 0x05
FilterTbl[0]: PRI 0,CFI 0, VID 30
FwdOp:  0x10
NumOfEntries: 1
=================================
=================================
EntityID: 0x06
FilterTbl[0]: PRI 0,CFI 0, VID 40
FwdOp:  0x10
NumOfEntries: 1
=================================
=================================
EntityID: 0x07
FilterTbl[0]: PRI 0,CFI 0, VID 50
FwdOp:  0x10
NumOfEntries: 1
=================================
=================================
EntityID: 0x08
FilterTbl[0]: PRI 0,CFI 0, VID 60
FwdOp:  0x10
NumOfEntries: 1
=================================

r00tGER avatar Nov 16 '22 14:11 r00tGER

It looks like broadcast IPTV traffic. Is your provider MGTS? Welcome to ru-board forum.

skon77 avatar Nov 16 '22 20:11 skon77

if you dont do vlan filtering you will see multicast IPTV traffic from everyone on your node (on the multicast vlan id)... mine totaled up to like 90mbps ! but with vlan filtering and/or igmp snooping it doesnt get passed to other interfaces unless needed

rajkosto avatar Nov 27 '22 13:11 rajkosto

what I understand IPTV traffic Multi-cast, is like TV Antenna broadcast but over wire right?

Anime4000 avatar Nov 27 '22 14:11 Anime4000

what I understand IPTV traffic Multi-cast, is like TV Antenna broadcast but over wire right?

But in general, if ISP hardware is properly configured, multicast traffic is not permanent. It must appear on request from the client. And of course, if now your neighbor on the network has requested multicast, it will appear for you as well. And it can also be encrypted or free.

I dont use IPTV from my ISP so I set "drop" action on SFP interface for "multicast" in ip/firewall/raw.

skon77 avatar Nov 28 '22 12:11 skon77

looks like this case same as #51 and my choice was to remove the downstream traffic

longthanhtran avatar Nov 10 '23 07:11 longthanhtran

looks like this case same as #51 and my choice was to remove the downstream traffic

Is there a way to remove it with the config, to survive a restart ? In my case for example is default gem port 4095 https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst_pon/software/configuration_guide/mcast/b-gpon-config-multicast/configuring_multicast_in_gpon_network.html

# diag gpon show ds-flow
gpon show ds-flow
============================================================
     GPON ONU MAC D/S Flow Status
Flow ID | GEM Port | Type | Multicast | AES
      0 |     4095 |  ETH |           |
      1 |      355 |  ETH |           |   *
      2 |     1379 |  ETH |           |   *
      3 |     1507 |  ETH |           |   *
      4 |     1251 |  ETH |           |   *
      5 |     1123 |  ETH |           |   *
      6 |      995 |  ETH |           |   *
      7 |      867 |  ETH |           |   *
      8 |      483 |  ETH |           |   *
      9 |      611 |  ETH |           |   *
     10 |      739 |  ETH |           |   *
     64 |       99 | OMCI |           |
============================================================

chitz852 avatar Mar 14 '24 08:03 chitz852

I think you can't, since omci is on ISP hands so once the fiber plugged in then omci commands those parameters, including downstream / upstream flow.

longthanhtran avatar Mar 14 '24 09:03 longthanhtran