0
My apartment complex has a shared Wi-Fi network. There are two Cisco Meraki MR62 access points on each building, and my MacBook periodically switches between them; which is annoying because it drops all of my connections to the outside world.
One of the access points is fine; I have a stable, fast connection as long as no one else is streaming video. But there’s an issue with the other access point.
Someone’s private wireless router is constantly sending pings to the shared router. This happens almost 24/7 and my connection is slow when I’m on the same access point, even if there’s no one else on the network. I believe these pings are choking the network, making access to the outside world very slow.
Here’s what I'm seeing from Wireshark; 10.127.144.87
is the private router, 10.128.128.128
is the public router:
If I try and ping the private router, I get the following:
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
92 bytes from 10.128.128.128: Communication prohibited by filter
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 2693 0 0000 40 01 6a59 10.155.68.76 10.127.144.87
Request timeout for icmp_seq 2
92 bytes from 10.128.128.128: Communication prohibited by filter
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 30e0 0 0000 40 01 600c 10.155.68.76 10.127.144.87
What could be causing this? Is it indeed responsible for the slow network? Is there some way I can prevent this? I’ve tried ARP spoofing 10.127.144.87
thinking I could use ipfw
to drop the pings, but it doesn’t seem to have the desired effect. Here are the rules I’m using:
00300 deny icmp from 10.127.144.87 to any in
00310 deny icmp from 10.127.144.87 to any out
00320 pipe 100 icmp from 10.127.144.87 to any in
00330 pipe 110 icmp from 10.127.144.87 to any out
00340 deny icmp from 10.128.128.128 to 10.127.144.87 in
00350 deny icmp from 10.128.128.128 to 10.127.144.87 out
00360 pipe 120 icmp from 10.128.128.128 to 10.127.144.87 in
00370 pipe 130 icmp from 10.128.128.128 to 10.127.144.87 out
Any insight on this would be greatly appreciated!
Thanks for the great answer! You're probably right about the network topology being borked. It was set up by https://www.inspirewifi.com/ and is "cloud managed". Perhaps the pings aren't responsible for the network slowdown, but I can't help but feel like the 10.127.144.87 router is still the cause of the issues. At the moment it's not on the same access point I am and my connection is great.
– MHarrison – 2014-12-08T00:46:35.143“…I can't help but feel like the 10.127.144.87 router is still the cause of the issues.” Don’t disagree with that. If there is any way for you to diplomatically determine who has that device and talk to them about issues, who knows. Like I said, mabye he’s as pissed off at the odd speed as you are and can share notes that you can then share with management. – JakeGould – 2014-12-08T05:56:37.487
That blog post is complete and utter nonsense. – David Schwartz – 2017-04-13T03:38:14.670
@DavidSchwartz How? And considering this post is 3+ years old, maybe you can post an answer explaining how pings are nothing to worry about? We know your networking knowledge is deep, so perhaps you can share it? – JakeGould – 2017-04-13T14:25:22.783
1@JakeGould How large a packet a server is support tells us absolutely nothing about how much load a packet of a particular size will place on it. I'm not sure it's worth trying to compose an answer to such an old, vague question. But it is worth pointing out when information is incorrect or obsolete lest it mislead anyone. – David Schwartz – 2017-04-13T17:53:04.580
@DavidSchwartz Fair enough. – JakeGould – 2017-04-14T01:11:50.923