Regards D-Link... I would recommend that you use a decent managed switch (based on Tech Specs as opposed to Branding, you can pick up cost effective ubnt edgeswitches or Tplink (fully managed Switches) which would offer linerate switching or if you want to have a branded switch get one second hand for best value
By the way... if you are doubting the switch (and you dont have tech specs of the switch or you cant monitor it .. or get counters off it ... then there is no doubt ... :) Regards, Tom Smyth On 12 February 2018 at 00:26, Martin Hanson <greencopperm...@yandex.com> wrote: > Hi, > > I have a home network that is segmented into 3 different zones using a NIC > with 4 ports sitting on an OpenBSD firewall/dhcp server. One port is > connected to the Internet (ISP router) and each of the three others has a > D-Link DGS-1005D switch connected to each. > > So.. > > LAN1 = 192.168.1.0 > LAN2 = 192.168.2.0 > LAN3 = 192.168.3.0 > > Learning more about networking I wanted to test a SYN flood so I set up a > couple of boxes on LAN1 and LAN3 to flood a box on LAN2. I used "hping3" with > the "S" and "flood" options. > > Running a regular ping in a terminal I could see how the response time > decreased and eventually the box began to loose packages. > > However after a while it seemed like the entire internal network went down. > > No box on any LAN could get an IP address from the DHCP server on the OpenBSD > box. > > I eventually rebooted the OpenBSD box, but that didn't immediately help, and > only after powering down the switches and powering the switches on again, > everything worked again. > > I have been looking through the PF documentation to see if PF somehow blocks > SYN flooding, but I am not using synproxy on any rules. > > What could cause such a "melt down" of the entire network because of a SYN > flood to a box? > > I suspect that the D-Link switches are pretty bad and maybe are the cause of > the problem? > > I eventually will try again to see if I can determine what's causing the > "melt down", but I want to know if anyone perhaps has experienced similar > results during some testing? > > Many thanks in advance. > > Kind regards, > > Martin > -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 The information contained in this E-mail is intended only for the confidential use of the named recipient. If the reader of this message is not the intended recipient or the person responsible for delivering it to the recipient, you are hereby notified that you have received this communication in error and that any review, dissemination or copying of this communication is strictly prohibited. If you have received this in error, please notify the sender immediately by telephone at the number above and erase the message You are requested to carry out your own virus check before opening any attachment.
