DDoS TL-ER5120 - FAKE ROUTER ???

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2015-07-17 04:43:40 - last edited 2021-08-21 05:05:55
Region : Argentina

Model : TL-R470T+

Hardware Version : V4

Firmware Version : TL-ER5120_V1_130716

ISP : RDS-RCS


Hello, dear support,
I use a TL-ER5120 router at home for a small MU Online game server. I bought this router because it has DDoS Protection and 120.000 sessions. I used this router for 1-2 years without problems (probably no DDoS flood), but on 03.07.2015 a little kid sent me 10.000-30.000 - 120.000 pkt/s from the OVH network (web hosting seller) and this router can't stop this ATTACK. When I receive the "ATTACK", the PPPoE connection is dropped :D

Take a look at the log:

[CODE]

Logs
List of Logs
No. Content
109 2015-07-16 15:35:18 <4> : Detected multi-connections udp flood attack, dropped 82804 packets.
110 2015-07-16 15:35:18 <5> : WAN1:PPPoE start connecting automatically.
111 2015-07-16 15:35:18 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D6-5D, Session-ID:0xa8d.
112 2015-07-16 15:35:20 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
113 2015-07-16 15:35:20 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
114 2015-07-16 15:35:20 <5> : WAN1:PAP authenticated.
115 2015-07-16 15:35:20 <5> : WAN1:IPCP is up, local:79.112.233.46, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
116 2015-07-16 15:35:33 <6> : No-IP DDNS updated success.
117 2015-07-16 15:36:42 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E9-D6-5D, Session-ID:0xa8d.
118 2015-07-16 15:36:44 <5> : WAN1:PPPoE session is over.
119 2015-07-16 15:36:50 <5> : WAN1:PPPoE start connecting automatically.
120 2015-07-16 15:36:51 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E7-81-98, Session-ID:0xf19.
121 2015-07-16 15:36:52 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
122 2015-07-16 15:36:52 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
123 2015-07-16 15:36:52 <5> : WAN1:PAP authenticated.
124 2015-07-16 15:36:53 <5> : WAN1:IPCP is up, local:79.112.224.139, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
125 21.119.176.111 94.23.9.31 .
126 2015-07-16 15:36:56 <4> : Detected multi-connections udp flood attack, dropped 15219 packets.
127 2015-07-16 15:36:58 <3> : No-IP DDNS updated too frequently, and this domain will be taboo in 5 minutes.
128 2015-07-16 15:41:59 <6> : No-IP DDNS updated success.
129 2015-07-16 15:43:25 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E7-81-98, Session-ID:0xf19.
130 2015-07-16 15:43:27 <5> : WAN1:PPPoE session is over.
131 4.23.9.31 89.36.95.241 .
132 2015-07-16 15:43:34 <5> : WAN1:PPPoE start connecting automatically.
133 2015-07-16 15:43:35 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D6-3D, Session-ID:0xd0a.
134 2015-07-16 15:43:36 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
135 2015-07-16 15:43:36 <4> : Detected multi-connections udp flood attack, dropped 41306 packets.
136 2015-07-16 15:43:36 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
137 2015-07-16 15:43:36 <5> : WAN1:PAP authenticated.
138 2015-07-16 15:43:36 <5> : WAN1:IPCP is up, local:79.112.235.205, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
139 2015-07-16 15:43:45 <6> : No-IP DDNS updated success.
140 2015-07-16 15:45:10 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E9-D6-3D, Session-ID:0xd0a.
141 2015-07-16 15:45:12 <5> : WAN1:PPPoE session is over.
142 89.36.95.241 94.23.9.31 .
143 2015-07-16 15:45:17 <4> : Detected multi-connections udp flood attack, dropped 96763 packets.
144 2015-07-16 15:45:19 <5> : WAN1:PPPoE start connecting automatically.
145 2015-07-16 15:45:19 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D6-5D, Session-ID:0xc57.
146 2015-07-16 15:45:21 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
147 2015-07-16 15:45:22 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
148 2015-07-16 15:45:22 <5> : WAN1:PAP authenticated.
149 2015-07-16 15:45:22 <5> : WAN1:IPCP is up, local:79.115.95.146, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
150 2015-07-16 15:45:25 <6> : No-IP DDNS updated success.
151 2015-07-16 15:46:44 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E9-D6-5D, Session-ID:0xc57.
152 2015-07-16 15:46:45 <5> : WAN1:PPPoE session is over.
153 2015-07-16 15:46:52 <5> : WAN1:PPPoE start connecting automatically.
154 2015-07-16 15:46:52 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D8-5D, Session-ID:0x4d.
155 21.119.176.111 82.137.6.4 .
311 2015-07-16 16:32:28 <4> : Detected multi-connections udp flood attack, dropped 36868 packets.
312 2015-07-16 16:32:35 <6> : No-IP DDNS updated success.
313 2015-07-16 16:33:54 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E7-84-1A, Session-ID:0x79.
314 2015-07-16 16:33:56 <5> : WAN1:PPPoE session is over.
315 2015-07-16 16:34:02 <5> : WAN1:PPPoE start connecting automatically.
316 2015-07-16 16:34:03 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E7-84-1A, Session-ID:0xcc.
317 4.23.9.31 89.36.95.241 .
318 2015-07-16 16:34:05 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
319 2015-07-16 16:34:05 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
320 2015-07-16 16:34:05 <5> : WAN1:PAP authenticated.
321 2015-07-16 16:34:05 <5> : WAN1:IPCP is up, local:79.112.236.126, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
322 2015-07-16 16:34:08 <4> : Detected multi-connections udp flood attack, dropped 24289 packets.
323 2015-07-16 16:34:11 <6> : No-IP DDNS updated success.
324 2015-07-16 16:35:34 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E7-84-1A, Session-ID:0xcc.
325 2015-07-16 16:35:36 <5> : WAN1:PPPoE session is over.
326 2015-07-16 16:35:42 <5> : WAN1:PPPoE start connecting automatically.
327 2015-07-16 16:35:43 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D8-5D, Session-ID:0xcdf.
328 2015-07-16 16:35:44 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
329 4.23.9.31 89.36.95.241 .
330 2015-07-16 16:35:44 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
331 2015-07-16 16:35:44 <5> : WAN1:PAP authenticated.
332 2015-07-16 16:35:44 <5> : WAN1:IPCP is up, local:79.112.229.52, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
333 2015-07-16 16:35:47 <4> : Detected multi-connections udp flood attack, dropped 21194 packets.
334 2015-07-16 16:35:52 <3> : No-IP DDNS updated too frequently, and this domain will be taboo in 5 minutes.
335 2015-07-16 16:40:53 <6> : No-IP DDNS updated success.
336 2015-07-16 16:55:47 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E9-D8-5D, Session-ID:0xcdf.
337 2015-07-16 16:55:48 <5> : WAN1:PPPoE session is over.
338 6.95.241 121.119.176.111 .
339 2015-07-16 16:55:51 <4> : Detected multi-connections udp flood attack, dropped 31733 packets.
340 2015-07-16 16:55:54 <5> : WAN1:PPPoE start connecting automatically.
341 2015-07-16 16:55:54 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D6-3D, Session-ID:0x7f7.
342 2015-07-16 16:55:56 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
343 2015-07-16 16:55:56 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
344 2015-07-16 16:55:56 <5> : WAN1:PAP authenticated.
345 2015-07-16 16:55:56 <5> : WAN1:IPCP is up, local:79.115.91.210, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
346 2015-07-16 16:56:00 <6> : No-IP DDNS updated success.
347 2015-07-16 16:58:17 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E9-D6-3D, Session-ID:0x7f7.
348 2015-07-16 16:58:18 <5> : WAN1:PPPoE session is over.
349 2015-07-16 16:58:24 <5> : WAN1:PPPoE start connecting automatically.
350 2015-07-16 16:58:25 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E7-84-1A, Session-ID:0x54c.
351 6.95.241 121.119.176.111 .
352 2015-07-16 16:58:28 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
353 2015-07-16 16:58:28 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
354 2015-07-16 16:58:28 <5> : WAN1:PAP authenticated.
355 2015-07-16 16:58:28 <5> : WAN1:IPCP is up, local:79.112.238.32, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
356 2015-07-16 16:58:30 <4> : Detected multi-connections udp flood attack, dropped 31506 packets.
357 2015-07-16 16:58:38 <6> : No-IP DDNS updated success.
358 2015-07-16 17:00:48 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E7-84-1A, Session-ID:0x54c.
359 2015-07-16 17:00:49 <5> : WAN1:PPPoE session is over.
360 2015-07-16 17:00:55 <5> : WAN1:PPPoE start connecting automatically.
361 2015-07-16 17:00:56 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E9-D6-3D, Session-ID:0xa5.
362 6.95.241 121.119.176.111 .
462 2015-07-16 21:57:37 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E9-D6-5D, Session-ID:0x969.
463 2015-07-16 21:57:39 <5> : WAN1:PPPoE session is over.
464 2015-07-16 21:57:39 <4> : Detected multi-connections udp flood attack, dropped 27666 packets.
465 2015-07-16 21:57:45 <5> : WAN1:PPPoE start connecting automatically.
474 .121.158.82 89.36.95.241 .
475 2015-07-16 22:56:24 <5> : WAN1:PPPoE peer close, AC-MAC:7C-A2-3E-E7-81-98, Session-ID:0x2ce.
476 2015-07-16 22:56:25 <5> : WAN1:PPPoE session is over.
477 2015-07-16 22:56:25 <4> : Detected multi-connections udp flood attack, dropped 35848 packets.
478 2015-07-16 22:56:32 <5> : WAN1:PPPoE start connecting automatically.
479 2015-07-16 22:56:32 <5> : WAN1:PPPoE discover phase over, AC-MAC:7C-A2-3E-E7-84-1A, Session-ID:0x9c1.
480 2015-07-16 22:56:34 <5> : WAN1:LCP send CONFIG-REQUEST timeout.
481 2015-07-16 22:56:34 <5> : WAN1:LCP is up, MTU:1480, AUTH:PAP.
482 2015-07-16 22:56:34 <5> : WAN1:PAP authenticated.
483 2015-07-16 22:56:34 <5> : WAN1:IPCP is up, local:79.112.237.255, peer:10.0.0.1, DNS1:193.231.252.1, DNS2:213.154.124.1.
484 2015-07-16 22:56:37 <4> : Detected stationary source udp flood attack, dropped 6933 packets, attack source: 85.214.79.121 85.214.22.62 .
[/CODE]

I talked with support from my country. That engineer was very OK; he wanted to help me and explain what happened and why my PPPoE connection is dropped.

My question is:

Does anyone use this router? If yes, do you have some solution for my problem?

If no solution is found for this problem, please remove DDoS Protection and 120.000 sessions from the description, because it is not TRUE.
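Added example, not part of the original post: a small parser for the router log format shown above that measures how long each PPPoE session stayed up and how many packets the UDP flood detection reported dropped around it. The sample lines are constructed in the post's format with documentation addresses; the function names and the 5-second window are assumptions.

```python
import re
from datetime import datetime

# Constructed sample in the same layout as the log in the post
# (addresses and MACs are documentation ranges, not from the original).
SAMPLE_LOG = """\
1 2015-07-16 15:35:18 <4> : Detected multi-connections udp flood attack, dropped 82804 packets.
2 2015-07-16 15:35:20 <5> : WAN1:IPCP is up, local:203.0.113.10, peer:10.0.0.1, DNS1:192.0.2.1, DNS2:192.0.2.2.
3 2015-07-16 15:36:42 <5> : WAN1:PPPoE peer close, AC-MAC:00-00-5E-00-53-01, Session-ID:0xa8d.
4 2015-07-16 15:36:53 <5> : WAN1:IPCP is up, local:203.0.113.11, peer:10.0.0.1, DNS1:192.0.2.1, DNS2:192.0.2.2.
5 198.51.100.7 198.51.100.8 .
6 2015-07-16 15:36:56 <4> : Detected multi-connections udp flood attack, dropped 15219 packets.
7 2015-07-16 15:43:25 <5> : WAN1:PPPoE peer close, AC-MAC:00-00-5E-00-53-02, Session-ID:0xf19.
"""

LINE = re.compile(r"^\d+ (\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) <\d> : (.*)$")
FLOOD = re.compile(r"Detected (.+?) udp flood attack, dropped (\d+) packets")

def parse(log):
    """Return ([(timestamp, message)], skipped); truncated lines are skipped."""
    events, skipped = [], 0
    for raw in log.splitlines():
        line = raw.strip()
        m = LINE.match(line)
        if not m:
            skipped += bool(line)   # count fragments such as sample line 5
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        events.append((ts, m.group(2)))
    return events, skipped

def sessions(events, window=5):
    """Per PPPoE session (IPCP up -> peer close): lifetime in seconds and
    packets dropped by flood detections logged from `window` seconds
    before the session came up until it was closed."""
    out, up, floods = [], None, []
    for ts, msg in events:
        f = FLOOD.search(msg)
        if f:
            floods.append((ts, int(f.group(2))))
        elif "IPCP is up" in msg:
            up = ts
        elif "PPPoE peer close" in msg and up is not None:
            dropped = sum(n for t, n in floods
                          if (t - up).total_seconds() >= -window and t <= ts)
            out.append({"up": up, "flood_dropped": dropped,
                        "lifetime_s": int((ts - up).total_seconds())})
            up = None
    return out
```

Short session lifetimes that line up with flood detections, as in the post's log, are the pattern to hand to the ISP when asking for upstream filtering.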