我的 ADSL 路由器(十年前的老款 Comtrend AR-5381u)每隔几分钟就会断开与互联网的连接。这种情况已经持续了 3-4 天;奇怪的是,这种情况只发生在晚上。
我尝试过从软件管理控制台重新启动路由器(没有用),并尝试过物理关闭它然后重新打开(前几天,这种方法解决了问题...但今天没有)。
我已启用 WiFi(WPA2-PSK + AES 和 MAC 过滤)。不确定这是否足够安全,但无论如何,我正在检查“WiFi 认证设备”,唯一显示的是我的手机,所以这不是无聊的邻居在干扰我的 WiFi。
此外,我没有运行任何 P2P 软件,也没有做任何可能打破互联网。只需在 Google Chrome 中打开几个标签,并在手机中运行几个后台应用程序。其他时候,我只是在电视上观看 Netflix 或 Youtube,根本不使用电脑。
我能做什么(如果有的话)来解决或至少诊断出这个问题?
我甚至不知道是我的路由器,还是 ISP,或者是有人切断了我的连接(DDoS?这不像我是微软,这只是我的家...)。
这是自上次(物理)重启以来的系统日志。有很多“内核入侵”,但从我读过的内容来看,我不应该担心它们,它们只是尝试从互联网访问我的路由器(或者不是吗?)。
Jan 1 00:00:08 syslog emerg BCM96345 started: BusyBox v1.00 (2011.10.28-05:10+0000)
Jan 1 00:00:24 user crit kernel: Line 0: xDSL G.994 training
Jan 1 00:00:24 user crit kernel: eth0 Link UP 100 mbps full duplex
Jan 1 00:00:37 user crit kernel: Line 0: ADSL G.992 started
Jan 1 00:00:41 user crit kernel: Line 0: ADSL G.992 channel analysis
Jan 1 00:00:45 user crit kernel: Line 0: ADSL G.992 message exchange
Jan 1 00:00:46 user crit kernel: Line 0: ADSL link down
Jan 1 00:00:47 user crit kernel: Line 0: xDSL G.994 training
Jan 1 00:01:00 user crit kernel: Line 0: ADSL G.992 started
Jan 1 00:01:04 user crit kernel: Line 0: ADSL G.992 channel analysis
Jan 1 00:01:08 user crit kernel: Line 0: ADSL G.992 message exchange
Jan 1 00:01:10 user crit kernel: Line 0: ADSL link up, Bearer 0, us=842, ds=16590
Jan 1 00:01:34 daemon crit syslog: PPP server detected.
Jan 1 00:01:34 daemon crit syslog: PPP session established.
Jan 1 00:01:40 daemon crit syslog: PPP LCP UP.
Jan 1 00:03:22 daemon crit syslog: PPP server detected.
Jan 1 00:03:23 daemon crit syslog: PPP session established.
Jan 1 00:03:26 daemon crit syslog: PPP LCP UP.
Jan 1 00:03:26 daemon crit syslog: Received valid IP address from server. Connection UP.
Apr 7 20:30:00 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=77.72.82.94 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=20107 PROTO=TCP SPT=41720 DPT=8859 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 20:30:00 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=46.161.55.108 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=19005 PROTO=TCP SPT=43447 DPT=2443 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 20:30:01 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=5.188.11.37 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=38893 PROTO=TCP SPT=55797 DPT=5389 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 20:30:29 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=59.38.100.155 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=61313 PROTO=TCP SPT=58121 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 20:30:45 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=223.100.148.74 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=233 ID=33541 PROTO=TCP SPT=45265 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 20:40:01 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=50.2.190.138 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=8313 DF PROTO=TCP SPT=18013 DPT=1250 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 20:50:07 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.216.140.16 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=23593 DF PROTO=TCP SPT=32210 DPT=3308 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:00:03 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=211.152.60.146 DST=95.16.160.53 LEN=40 TOS=0x00 PREC=0x00 TTL=110 ID=256 PROTO=TCP SPT=49268 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:02:01 user crit kernel: Line 0: ADSL link down
Apr 7 21:02:01 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:02:01 daemon crit syslog: Clear IP addresses. PPP connection DOWN.
Apr 7 21:02:01 daemon crit syslog: Clear IP addresses. Connection DOWN.
Apr 7 21:02:13 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:02:17 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:02:21 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:02:22 user crit kernel: Line 0: ADSL link down
Apr 7 21:02:23 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:02:36 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:02:40 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:02:44 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:02:45 user crit kernel: Line 0: ADSL link up, Bearer 0, us=888, ds=17075
Apr 7 21:03:12 daemon crit syslog: PPP server detected.
Apr 7 21:03:12 daemon crit syslog: PPP session established.
Apr 7 21:03:15 daemon crit syslog: PPP LCP UP.
Apr 7 21:03:17 daemon crit syslog: Received valid IP address from server. Connection UP.
Apr 7 21:03:28 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.216.140.16 DST=95.16.58.57 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=29519 DF PROTO=TCP SPT=17817 DPT=3729 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:04:07 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=5.188.11.37 DST=95.16.58.57 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=44709 PROTO=TCP SPT=55797 DPT=3382 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:04:21 user crit kernel: Line 0: ADSL link down
Apr 7 21:04:21 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:04:21 daemon crit syslog: Clear IP addresses. PPP connection DOWN.
Apr 7 21:04:21 daemon crit syslog: Clear IP addresses. Connection DOWN.
Apr 7 21:04:33 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:04:37 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:04:42 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:04:43 user crit kernel: Line 0: ADSL link down
Apr 7 21:04:44 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:04:56 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:05:00 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:05:05 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:05:06 user crit kernel: Line 0: ADSL link up, Bearer 0, us=888, ds=16380
Apr 7 21:05:30 daemon crit syslog: PPP server detected.
Apr 7 21:05:30 daemon crit syslog: PPP session established.
Apr 7 21:05:33 daemon crit syslog: PPP LCP UP.
Apr 7 21:05:34 daemon crit syslog: Received valid IP address from server. Connection UP.
Apr 7 21:06:08 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=109.248.9.18 DST=87.218.25.144 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=38071 PROTO=TCP SPT=50193 DPT=51391 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:06:36 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.216.140.16 DST=87.218.25.144 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=50787 DF PROTO=TCP SPT=50400 DPT=4509 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:06:45 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=139.162.115.7 DST=87.218.25.144 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=58362 DPT=110 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:06:58 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.130.212.2 DST=87.218.25.144 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=56833 DF PROTO=TCP SPT=2 DPT=8034 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:07:18 user crit kernel: Line 0: ADSL link down
Apr 7 21:07:18 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:07:19 daemon crit syslog: Clear IP addresses. PPP connection DOWN.
Apr 7 21:07:19 daemon crit syslog: Clear IP addresses. Connection DOWN.
Apr 7 21:07:30 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:07:34 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:07:39 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:07:40 user crit kernel: Line 0: ADSL link down
Apr 7 21:07:41 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:07:53 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:07:57 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:08:02 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:08:03 user crit kernel: Line 0: ADSL link up, Bearer 0, us=888, ds=16847
Apr 7 21:08:27 daemon crit syslog: PPP server detected.
Apr 7 21:08:27 daemon crit syslog: PPP session established.
Apr 7 21:08:30 daemon crit syslog: PPP LCP UP.
Apr 7 21:08:31 daemon crit syslog: Received valid IP address from server. Connection UP.
Apr 7 21:09:07 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.222.211.90 DST=87.218.24.53 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3613 PROTO=TCP SPT=53518 DPT=33392 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:09:15 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.216.140.16 DST=87.218.24.53 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=11129 DF PROTO=TCP SPT=6335 DPT=4869 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:09:27 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=181.214.87.248 DST=87.218.24.53 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=33982 PROTO=TCP SPT=46326 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:09:39 user crit kernel: Line 0: ADSL link down
Apr 7 21:09:39 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:09:39 daemon crit syslog: Clear IP addresses. PPP connection DOWN.
Apr 7 21:09:39 daemon crit syslog: Clear IP addresses. Connection DOWN.
Apr 7 21:09:51 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:09:55 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:10:00 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:10:01 user crit kernel: Line 0: ADSL link down
Apr 7 21:10:02 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:10:14 user crit kernel: Line 0: ADSL G.992 started
Apr 7 21:10:18 user crit kernel: Line 0: ADSL G.992 channel analysis
Apr 7 21:10:23 user crit kernel: Line 0: ADSL G.992 message exchange
Apr 7 21:10:24 user crit kernel: Line 0: ADSL link up, Bearer 0, us=888, ds=16953
Apr 7 21:10:48 daemon crit syslog: PPP server detected.
Apr 7 21:11:18 daemon crit syslog: PPP session established.
Apr 7 21:11:21 daemon crit syslog: PPP LCP UP.
Apr 7 21:11:22 daemon crit syslog: Received valid IP address from server. Connection UP.
Apr 7 21:11:51 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=77.72.82.103 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=20005 PROTO=TCP SPT=54206 DPT=49 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:12:09 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=185.216.140.16 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=37390 DF PROTO=TCP SPT=18182 DPT=4929 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:12:41 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=141.105.71.116 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55831 DF PROTO=TCP SPT=12970 DPT=8091 WINDOW=512 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:12:44 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=189.211.6.43 DST=95.16.175.33 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=27155 DF PROTO=TCP SPT=61195 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:12:52 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=5.101.2.205 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=38539 PROTO=TCP SPT=47669 DPT=3426 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:13:37 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=5.188.11.43 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=23727 PROTO=TCP SPT=47504 DPT=4049 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:13:42 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=77.72.82.88 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=6796 PROTO=TCP SPT=59153 DPT=3222 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:13:44 user alert kernel: Intrusion -> IN=ppp0 OUT= MAC= SRC=93.174.93.218 DST=95.16.175.33 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=22819 PROTO=TCP SPT=46685 DPT=20183 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 7 21:13:59 user crit kernel: Line 0: ADSL link down
Apr 7 21:13:59 user crit kernel: Line 0: xDSL G.994 training
Apr 7 21:13:59 daemon crit syslog: Clear IP addresses. PPP connection DOWN.
Apr 7 21:13:59 daemon crit syslog: Clear IP addresses. Connection DOWN.
Apr 7 21:14:11 user crit kernel: Line 0: ADSL G.992 started
似乎每次发生几次“入侵”后,线路都会很快中断……所以可能是某种攻击导致线路中断,或者至少导致路由器失去响应,从而失去连接。我能以某种方式保护它免受这种影响吗?
更新:
我拔掉了所有电话,并将路由器直接连接到墙上插座。情况稍有改善,但仍然不断断开连接。
路由器统计数据显示,每当连接建立时,信噪比裕度约为 9dB,然后下降。有时它保持在 8 或 7,有时下降到 5、4、3dB……我见过的最低值为 1.9。有时它会回升到 7,有时连接会断开。下行和上行都会这样波动,但下行通常较低。我的连接“下载速度高达 20Mbps,上传速度高达 1Mbps”,所以我猜上行“没有那么拥挤”。
我注意到的另一件事是,我遇到了大量的 HEC 错误,主要是下游错误。每 15 秒就会出现 5000 个新错误。而那时线路实际上已经启动并正常工作了……
这是当前统计页面的屏幕截图。自 8 小时前上次重启以来,共有 180 万个 HEC 错误:
答案1
正如大多数评论所说,这是线路问题。或者一定是,因为现在已经解决了,而我什么也没做 :)。我一直等到星期一才打电话给我的 ISP 客服,但他们显然在同一个星期一就解决了这个问题。从那时起互联网连接就再也没有断过,已经 4 天了。
SNR(信噪比)裕度现在好得多且稳定:下行 12-14 dB 和上行 9 dB,超过 6dB 的任何值都足够好,因此没有问题。
我仍然有 HEC 错误1 2,但现在每小时的数量约为 5,000 个,而不是 225,000 个。
至于“内核入侵”警报,它们仍会不时出现在路由器日志中,但线路仍在运行,因此很明显它们不是问题所在。不过,它们可能没有起到什么作用,因为路由器已经在与噪音极大的线路作斗争。
更新:只是跟进一下,确认确实是线路的问题。问题又出现了,我给 ISP 打了几次电话后,他们给我寄了一个全新的路由器……即使我直接把它插到“网络终端”测试端口而不是普通电话插头上,它还是会断线。事实上,它处理噪音的能力甚至比我那古老的路由器还要差。是时候数字化了,用光纤线代替 DSL。
答案2
您可能遇到的问题不止一个。这些问题总是最难发现和解决的。我曾在 VZ 担任过 30 年的传输和维护工程师。首先,S/N 应该始终是一个“大”数字。您需要大量信号且无噪音。当信号减弱并开始接近噪音时,它们的分数比 (S/N) 开始接近 1。一般来说(对于 DSL),小于 10db 是不好的。对于 11db 到 20db 的测量,可以接受,但不是很好。S/N 大于 20db 才是您想要的。影响信号强度的因素包括与 TelCo 服务节点的距离以及电缆对的多次出现。它们被称为“桥接分接头”或“左输入”,不必要地增加了电缆对的电容。要求公司摆脱它们。如果有人建议可能存在“负载线圈”,那他们就错了。您无法通过负载线圈获得任何数字信号。您与 TelCo 节点之间的电缆对距离限制为 18Kft。此时,电缆对固有电容将使信号减弱到无法使用的程度。负载线圈仅用于语音频谱 (300 - 3000 Hz),并且在 18 Kft 以下的电缆对上不会有它们。S/N 的另一半是噪声成分。噪声来自潮湿的电缆对、不良的尖端/环接头和旧电缆对损坏。请技术人员测量尖端/接地、环/接地、尖端/环电阻和电压。不要忽视内部布线。不要将内部线从电话插孔连接到插孔。尝试使用内部线直接连接到 TelCo 的网络接口。在网关路由器上,您应该有多个 LED。查看 DSL LED。它不应该闪烁...永远。如果它闪烁或熄灭,则网关路由器已“失去”服务节点的视线,可能正在尝试重新训练。如果 ISP 或互联网 LED 闪烁或熄灭,则说明电信公司的服务节点存在问题。它可能是中央办公室或邻近的双增益柜。有用的提示,摘下“优质”电话,您将连接到服务节点中的按键音接收器。您将听到拨号音。按拨号盘上的任意数字即可停止拨号音。捂住嘴巴,听一听。您应该听不到任何声音(没有噪音)。如果听到了,请要求提供干净的电缆对以减少噪音。我确信您有一个 DSL 滤波器。它们会切断电话机的高频音。我一生中见过两次它们短路并失效。如果您有任何疑问,只需将其移除进行测试。特别注意您的网关/路由器“系统日志”。它们总是有用的线索。不要对电信公司的技术人员太苛刻。大多数技术人员和工程师都是预约来的,而不是因为他们的教育背景和技能。在我 30 年的工作生涯中,我只相信 6 到 8 个人的知识和能力来解决技术问题。还有很多人,但现在不是时候。祝你好运,戴夫