Reply
Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8
Accepted Solution

Martians won't stop

[ Edited ]

I have disabled the logging of martians and they STILL are logging at breakneck speed!!  The config shows "log-martians disable"  I need to stop them completely!!!

 

My problem is that the PPPoE WAN interface has an assigned public address that the ER5 sees as a martian and it logs every time a packets passes through the WAN interface.  It is driving me nuts but I can't stop it.  I would imagine this would shorten the life of the router if I can't get it stopped.

 

Any help would be appreciated.  I have stopped all logging that shows in the config.

 

 

 


Accepted Solutions
Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3092
Solutions: 945
Contributions: 16

Re: Martians won't stop

If the first one was 1, then you probably don't have logging disabled.

 

cat /proc/sys/net/ipv4/conf/all/log_martians
1

configure
set firewall log-martians disable
commit
save
exit

cat /proc/sys/net/ipv4/conf/all/log_martians
0

 

EdgeMAX Router Software Development

View solution in original post

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3092
Solutions: 945
Contributions: 16

Re: Martians won't stop

No, but if you edit /etc/sysctl.d/30-vyatta-router.conf and comment out:

net.ipv4.conf.all.log_martians=1 

Then it will be ok on reboot.

EdgeMAX Router Software Development

View solution in original post


All Replies
SuperUser
Posts: 19,598
Registered: ‎09-17-2013
Kudos: 4931
Solutions: 1392

Re: Martians won't stop

post your current config, and an excerpt of the logs.

Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8

Re: Martians won't stop

Thanks for your response.  I have sent an private message to ubnt concerning the issue but haven't heard anything yet.  If you can help me solve this quickly, that would be most appreciated.

 

I don't have time right now to properly sanitize the config since I have a public LAN running, however the issue is a simple one.  The setting "log-martins disable" is set.  There is ONLY ONE IP that is repeating constantly in the logs and it is the WAN PPPoE assignment from my ISP.  It is a public IP address with a /32 subnet with a /29 subnet routed through it.  I have verified it with my ISP and it is the way they do things to conserve IPs.

 

As an example - when my router connects it gets a public IP - let's say 12.34.56.789 with a 255.255.255.255 subnet.  It shows clearly on the router pppoe interface.  Then, they route my static block by also assigning the number 12.34.56.789 255.255.255.248 to the same interface.  Since the 255 comes first and the 248 comes next, the ER5 goes ballistic.  The martian entry is:

 

Apr 26 16:42:54 gateway kernel: IPv4: martian source 12.34.56.789 from 255.255.255.255, on dev pppoe0

(i changed the address to protect the innocent)

 

The only thing I know to do at this point is to turn off martian logging, however it seems to be broke in alpha3.

 

SuperUser
Posts: 19,598
Registered: ‎09-17-2013
Kudos: 4931
Solutions: 1392

Re: Martians won't stop

hm, gonna need your config, since it ~sounds~ like things are right.

 

If you're using hte alpha release, you'd also do well to post in the beta forums.

Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8

Re: Martians won't stop

I may just revert to 1.6 since I am having this problem.  I assume that disabling martian logging will work in released versions.

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3092
Solutions: 945
Contributions: 16

Re: Martians won't stop

Can you show the output of:

cat /proc/sys/net/ipv4/conf/all/log_martians

cat /proc/sys/net/ipv4/conf/pppoe0/log_martians

 If either is a 1 then try:

sudo sh -c "echo 0 > /proc/sys/net/ipv4/conf/pppoe0/log_martians"

 

EdgeMAX Router Software Development
Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8

Re: Martians won't stop

The first command was a 1 the 2nd one was 0.  I ran the next command and it appears to have stopped the logging however it doesn't seem to hold through a reboot of the system.

 

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3092
Solutions: 945
Contributions: 16

Re: Martians won't stop

If the first one was 1, then you probably don't have logging disabled.

 

cat /proc/sys/net/ipv4/conf/all/log_martians
1

configure
set firewall log-martians disable
commit
save
exit

cat /proc/sys/net/ipv4/conf/all/log_martians
0

 

EdgeMAX Router Software Development
Highlighted
Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8

Re: Martians won't stop

[ Edited ]

@UBNT-stig  - I followed your instructions.  The config file shows log_martians disabled, however when I run the cli command I received a 1.  I ran a configure command to set firewall log-martians disable to commit and it told me there was nothing to commit.  I ran it again to enable it, commit, then ran it again to disable it and it worked.  After reboot it returned to the same issue as before and I had to walk through the steps above again.

 

As a side note - on Saturday my public machines were dropping off and I noticed that the Public LAN DHCP server had lost all it's entries.  I mean literally DISAPPEARED!  I had to put them back in to get the machines back online.

 

I think that perhaps I should go back to the released version, 1.6, for now.  Before I do, is there anything I could provide that may help with development?  I am currently running alpha3 of course.

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3092
Solutions: 945
Contributions: 16

Re: Martians won't stop

Well I just tried to configure it and verified that it was 0.  Then reboot and it was back to 1, so I'll file a bug for that.  BTW it happens in v1.6.0 also.

EdgeMAX Router Software Development
Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8

Re: Martians won't stop

Does anyone know if this is fixed in 1.7B1?

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3092
Solutions: 945
Contributions: 16

Re: Martians won't stop

No, but if you edit /etc/sysctl.d/30-vyatta-router.conf and comment out:

net.ipv4.conf.all.log_martians=1 

Then it will be ok on reboot.

EdgeMAX Router Software Development
Regular Member
Posts: 482
Registered: ‎02-11-2015
Kudos: 47
Solutions: 8

Re: Martians won't stop

WORKS GREAT!! Thanks.

Reply