Thanks Thanks:  1
Likes Likes:  1
Results 1 to 5 of 5

Thread: Heavy UDP Traffic

  1. #1
    Senior Member
    Join Date
    Oct 2013
    Posts
    114

    Question Heavy UDP Traffic

    client is seeing heavy UDP traffic on a system that is installed/running. Packet capture shows a destination address of 239.34.109.155 and the packet contains 21 bytes of data. What is this (multicast) packet used for, is it required and if not, is there a way to turn it "off"?

    thanks

  2. #2
    Senior Member
    Join Date
    Oct 2013
    Posts
    518
    It's RA2, yes, so there's a main repeater on the network... what else? Another repeater? A Connect Bridge? Are they configured for DHCP or static IP addresses?

  3. #3
    Junior Member
    Join Date
    Feb 2016
    Posts
    19
    I might be able to help.

    Do you have Essentials? I am working with Lutron System Support on an unrelated issue and discovered my logs are filled with failed outgoing UDP connections. Apparently my main repeater is trying to connect with Alarm.com and keeps retrying. I believe it is back when you had the option of remote connection with Lutron Home instead of Lutron Connect with the bridge.

    My entire log file is filled with events similar to below due the fact that I have my firewall set to a default of block all and is blocking these outgoing connections.

    Code:
     00024 | 07/06/17 | 11:09:49 | 0165995190 | WRKA |  00000  | REMOTE CONN  | WRKA: Retries exceed max - Reset UDP
     00025 | 07/06/17 | 11:09:49 | 0165995192 | WRKA |  00000  | REMOTE CONN  | WRKA: Remote access inactive
     00026 | 07/06/17 | 11:09:49 | 0165995237 | TERM |  00000  | REMOTE CONN  | TERM: DNS resolving
     00027 | 07/06/17 | 11:09:49 | 0165995237 | WRKA |  00000  | REMOTE CONN  | WRKA: Cached Host Address = 216.36.42.33
     00028 | 07/06/17 | 11:09:49 | 0165995286 | TERM |  00000  | REMOTE CONN  | TERM: Connecting to remote server
     00029 | 07/06/17 | 11:09:49 | 0165995289 | WRKA |  00000  | REMOTE CONN  | WRKA: Initializing encryption key
     00030 | 07/06/17 | 11:09:49 | 0165995289 | WRKA |  00000  | REMOTE CONN  | WRKA: Starting UDP connection
     00031 | 07/06/17 | 11:09:59 | 0166000340 | WRKA |  00000  | REMOTE CONN  | WRKA: TX Retry last command (count = 1)
     00032 | 07/06/17 | 11:10:10 | 0166005390 | WRKA |  00000  | REMOTE CONN  | WRKA: TX Retry last command (count = 2)
     00033 | 07/06/17 | 11:10:20 | 0166010440 | WRKA |  00000  | REMOTE CONN  | WRKA: TX Retry last command (count = 3)
     00034 | 07/06/17 | 11:10:30 | 0166015490 | WRKA |  00000  | REMOTE CONN  | WRKA: TX Retry last command (count = 4)
     00035 | 07/06/17 | 11:10:40 | 0166020541 | WRKA |  00000  | REMOTE CONN  | WRKA: TX Retry last command (count = 5)
     00036 | 07/06/17 | 11:10:50 | 0166025590 | WRKA |  00000  | REMOTE CONN  | WRKA: Retries exceed max - Reset UDP
     00037 | 07/06/17 | 11:10:50 | 0166025592 | WRKA |  00000  | REMOTE CONN  | WRKA: Remote access inactive
    A WireShark capture shows that my main repeater is trying to connect to 239.106.201.27, 216.36.42.33, 224.0.37.42 usually with ~22 bytes of data.

    Apparently in Inclusive in the part of the software where you find your main repeater you can hit advanced and you have the option of disabling this. At this time there is no way to disable this within Essentials.

  4. Thanks wkearney99 thanked for this post
    Likes wkearney99 liked this post
  5. #4
    Senior Member
    Join Date
    Oct 2013
    Posts
    518
    Quote Originally Posted by johngalt View Post
    Apparently in Inclusive in the part of the software where you find your main repeater you can hit advanced and you have the option of disabling this.
    Where is this? I'm looking in Inclusive and not seeing anything mentioning alarm.com.

    Is it the checkbox labeled "Restrict communications with Processor to Local LAN only"?

    Good catch using Wireshark and the firewall rules. I think most folks don't realize just how much outgoing traffic is being sent by various devices...

  6. #5
    Junior Member
    Join Date
    Feb 2016
    Posts
    19
    Sorry for the VERY long response time. I am sure you have figured it out, but for others.

    You are correct "Restrict communications with Processor to local LAN only" will prevent the UDP packets from trying to connect with Alarm.com."

Similar Threads

  1. 10.6 - Restrict Traffic to Local LAN issues
    By linddo in forum General Discussion - RA2
    Replies: 1
    Last Post: 11-06-2016, 08:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •