cancel
Showing results for 
Search instead for 
Did you mean: 
Mike_AP
Aspiring Contributor
531 Views
Message 1 of 7

HH 5A reboots every 2-3 days with TR069 activity

Hello - I have Infinity 1 and a Home Hub 5A (firmware 4.7.5.1.83.8.204.1.11). The hub is connected to an Openreach Mk3 filter on an NTE5 master socket. This has been running quite stably for over a year, albeit with reboots every two weeks or so for no obvious cause. Up/down data rates are 9999/35000 with noise margins 7.3/7.5. Quiet line test sounds fine. However, over the last few weeks the hub has been rebooting every 2 to 3 days with the message "System start TR069" in the log, always around 1 to 2 am. I have not seen this before. An extract of the filtered log is shown below (of the couple of reboots since 7 February that do not have the TR069 message, one was due to a power outage).

 

At the moment this is only a fairly slight nuisance, but does anyone know what might be going on, or whether it is possible to stop it? Thanks and regards...

 

TR069 restarts 170410.PNG

0 Ratings
Reply
6 REPLIES 6
Liam_
Expert
523 Views
Message 2 of 7

Re: HH 5A reboots every 2-3 days with TR069 activity

The TR069 reboot is a fact of life with hubs.  Though some seem to have many more reboots than would appear to be necessary.

The only way to stop this is to invest in a good third party VDSL router, then you are in control of if and when it is restarted.

0 Ratings
Reply
smf22
Recognised Expert
520 Views
Message 3 of 7

Re: HH 5A reboots every 2-3 days with TR069 activity

Can you remove the "Boot" filter on the log and post all messages before and after one of these specific events?

 

The Hub may not be the best router on the planet, but this number of reboots isn't normal. It may be that something else is going on that we're not seeing as you've filtered to only show boot messages.

 

Regards

0 Ratings
Reply
Mike_AP
Aspiring Contributor
505 Views
Message 4 of 7

Re: HH 5A reboots every 2-3 days with TR069 activity

Hello smf22 - Many thanks, yes, agreed this definitely looks abnormal even if HH5 has its limitations. Below is a chunk of unfiltered log entries surrounding lastest reboot at around 01:41 10 April. Will greatly appreciate your help in interpreting! Best regards...

 

02:02:01, 10 Apr.
( 1168.360000) Device disconnected: Hostname: DESKTOP-?U3SG1NM IP: 192.168.1.66 MAC: b4:ae:2b:35:34:eb
02:02:01, 10 Apr.
( 1168.360000) Device disconnected: Hostname: Monicas-?Lumia-?735 IP: 192.168.1.65 MAC: 3c:83:75:23:98:c0
02:01:59, 10 Apr.
( 1166.750000) Lease for IP 192.168.1.64 renewed by host Mikes-?Lumia-?735 (MAC 20:62:74:98:d1:88). Lease duration: 30240 min
02:01:59, 10 Apr.
( 1166.740000) Device connected: Hostname: Mikes-?Lumia-?735 IP: 192.168.1.64 MAC: 20:62:74:98:d1:88 Lease time: 30240 min. Link rate: 52.8 Mbps
02:01:59, 10 Apr.
( 1166.690000) Lease requested
02:01:57, 10 Apr.
ath00: STA 20:62:74:98:d1:88 IEEE 802.11: Client associated
02:00:24, 10 Apr.
IN: BLOCK [16] Remote administration (ICMP type 8 code 0 112.11.237.109-?>86.128.232.23 on ppp3)
01:58:20, 10 Apr.
IN: BLOCK [16] Remote administration (ICMP type 8 code 0 46.234.125.89-?>86.128.232.23 on ppp3)
01:56:08, 10 Apr.
BLOCKED 1 more packets (because of Remote administration)
01:56:07, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [95.67.83.166]:50634-?>[86.128.232.23]:80 on ppp3)
01:48:22, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [192.81.135.222]:35707-?>[86.128.232.23]:443 on ppp3)
01:47:18, 10 Apr.
IN: BLOCK [15] Default policy (TCP [78.31.67.69]:46001-?>[86.128.232.23]:4444 on ppp3)
01:46:58, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 192.168.1.254-?>224.0.0.22 on ptm0.101)
01:46:26, 10 Apr.
( 233.770000) Lease for IP 192.168.1.71 renewed by host Unknown-?00-?22-?61-?ba-?7c-?bc (MAC 00:22:61:ba:7c:bc). Lease duration: 30240 min
01:46:26, 10 Apr.
( 233.770000) Device connected: Hostname: Unknown-?00-?22-?61-?ba-?7c-?bc IP: 192.168.1.71 MAC: 00:22:61:ba:7c:bc Lease time: 30240 min. Link rate: 25.5 Mbps
01:46:26, 10 Apr.
( 233.710000) Lease requested
01:46:22, 10 Apr.
( 229.220000) Device disconnected: Hostname: Janes-?iPhone IP: 192.168.1.97 MAC: b8:53:ac:05:64:2a
01:46:22, 10 Apr.
( 229.220000) Device disconnected: Hostname: dhcpcd-?6-?6-?6-?Linux-?3-?0-?35-?-?armv7l-?Freescale-?58-?b0-?d4-?2a-?88-?d3 IP: 192.168.1.96 MAC: 58:b0:d4:2a:88:d3
01:46:22, 10 Apr.
( 229.220000) Device disconnected: Hostname: SELPHY_DHCP_INSTANCE_0 IP: 192.168.1.92 MAC: 60:12:8b:95:fb:80
01:46:22, 10 Apr.
( 229.210000) Device disconnected: Hostname: LGwebOSTV IP: 192.168.1.91 MAC: 30:a9:de:ee:7e:60
01:46:22, 10 Apr.
( 229.210000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.83 MAC: d4:be:d9:3c:98:44
01:46:22, 10 Apr.
( 229.210000) Device disconnected: Hostname: BRW40B89A5C6A16 IP: 192.168.1.79 MAC: 40:b8:9a:5c:6a:16
01:46:22, 10 Apr.
( 229.210000) Device disconnected: Hostname: janes-?iPad IP: 192.168.1.74 MAC: 24:a0:74:41:bf:8d
01:46:22, 10 Apr.
( 229.210000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.72 MAC: c0:18:85:bf:8f:c9
01:46:20, 10 Apr.
ath00: STA 00:22:61:ba:7c:bc IEEE 802.11: Client associated
01:46:06, 10 Apr.
IN: BLOCK [15] Default policy (TCP [199.117.180.44]:443-?>[86.128.232.23]:55329 on ppp3)
01:46:05, 10 Apr.
( 212.960000) CWMP: session completed successfully
01:46:04, 10 Apr.
( 211.580000) CWMP: HTTP authentication success from https://pbthdm.bt.mo
01:46:00, 10 Apr.
( 207.210000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username
01:46:00, 10 Apr.
( 207.210000) CWMP: Session start now. Event code(s): '6 CONNECTION REQUEST,4 VALUE CHANGE'
01:45:59, 10 Apr.
( 206.740000) CWMP: Initializing transaction for event code 6 CONNECTION REQUEST
01:45:57, 10 Apr.
IN: BLOCK [15] Default policy (TCP [199.117.180.44]:443-?>[86.128.232.23]:53157 on ppp3)
01:45:57, 10 Apr.
( 204.330000) CWMP: session completed successfully
01:45:56, 10 Apr.
( 203.330000) CWMP: HTTP authentication success from https://pbthdm.bt.mo
01:45:51, 10 Apr.
( 198.170000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username
01:45:50, 10 Apr.
( 198.160000) CWMP: Session start now. Event code(s): '1 BOOT,M Reboot,4 VALUE CHANGE'
01:45:37, 10 Apr.
IN: BLOCK [15] Default policy (TCP [171.249.162.154]:35863-?>[86.128.232.23]:7547 on ppp3)
01:45:31, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 192.168.1.254-?>224.0.0.22 on ptm0.101)
01:45:29, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 86.128.232.23-?>224.0.0.22 on ppp3)
01:45:21, 10 Apr.
BLOCKED 1 more packets (because of Default policy)
01:45:20, 10 Apr.
IN: BLOCK [15] Default policy (TCP [199.117.180.44]:443-?>[86.128.232.23]:51749 on ppp3)
01:45:20, 10 Apr.
( 167.580000) CWMP: session closed due to error: WGET TLS error
01:45:03, 10 Apr.
( 166.160000) NTP synchronization success!
01:45:02, 10 Apr.
OUT: BLOCK [44] Advanced Filter Rule (fw/policy/0/chain/fw_ath11_out/rule/0: ICMPv6 type 143 code 0 fe80:0000:0000:0000:001b:29ff:fe75:9253-?>ff02:0000:0000:0000:0000:0000:0000:0016 on ath11)
01:44:56, 10 Apr.
( 159.000000) NTP synchronization start
01:44:55, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 86.128.232.23-?>224.0.0.22 on ppp3)
01:44:55, 10 Apr.
BLOCKED 4 more packets (because of Spoofing protection)
01:44:55, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 192.168.1.254-?>224.0.0.22 on ptm0)
01:44:55, 10 Apr.
BLOCKED 2 more packets (because of Spoofing protection)
01:44:55, 10 Apr.
BLOCKED 1 more packets (because of Spoofing protection)
01:44:55, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 192.168.1.254-?>224.0.0.22 on ptm0)
01:44:55, 10 Apr.
( 157.980000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username
01:44:55, 10 Apr.
( 157.970000) CWMP: Session start now. Event code(s): '1 BOOT,M Reboot,4 VALUE CHANGE'
01:44:44, 10 Apr.
( 146.640000) WAN operating mode is VDSL
01:44:44, 10 Apr.
( 146.640000) Last WAN operating mode was VDSL
01:44:42, 10 Apr.
( 145.190000) PPP IPCP Receive Configuration ACK
01:44:42, 10 Apr.
( 145.060000) PPP IPCP Send Configuration Request
01:44:42, 10 Apr.
( 145.060000) PPP IPCP Receive Configuration NAK
01:44:42, 10 Apr.
( 145.060000) PPP IPCP Send Configuration ACK
01:44:42, 10 Apr.
( 145.060000) PPP IPCP Receive Configuration Request
01:44:42, 10 Apr.
( 144.860000) PPP IPCP Send Configuration Request
01:44:41, 10 Apr.
( 143.640000) PPPoE is up -? Down Rate=35000000Kbps, Up Rate=9999000Kbps; SNR Margin Down=7.6dB, Up=7.4dB
01:44:41, 10 Apr.
( 143.630000) CHAP authentication successful
01:44:40, 10 Apr.
( 143.390000) CHAP Receive Challenge
01:44:40, 10 Apr.
( 143.390000) Starting CHAP authentication with peer
01:44:40, 10 Apr.
( 143.390000) PPP LCP Receive Configuration ACK
01:44:40, 10 Apr.
( 143.270000) PPP LCP Send Configuration Request
01:44:40, 10 Apr.
( 143.270000) PPP LCP Receive Configuration Reject
01:44:40, 10 Apr.
( 143.150000) PPP LCP Send Configuration ACK
01:44:40, 10 Apr.
( 143.150000) PPP LCP Receive Configuration Request
01:44:40, 10 Apr.
( 143.150000) PPP LCP Send Configuration Request
01:44:17, 10 Apr.
( 119.660000) Device disconnected: Hostname: Janes-?iPhone IP: 192.168.1.97 MAC: b8:53:ac:05:64:2a
01:44:17, 10 Apr.
( 119.660000) Device disconnected: Hostname: dhcpcd-?6-?6-?6-?Linux-?3-?0-?35-?-?armv7l-?Freescale-?58-?b0-?d4-?2a-?88-?d3 IP: 192.168.1.96 MAC: 58:b0:d4:2a:88:d3
01:44:17, 10 Apr.
( 119.660000) Device disconnected: Hostname: SELPHY_DHCP_INSTANCE_0 IP: 192.168.1.92 MAC: 60:12:8b:95:fb:80
01:44:17, 10 Apr.
( 119.660000) Device disconnected: Hostname: LGwebOSTV IP: 192.168.1.91 MAC: 30:a9:de:ee:7e:60
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.83 MAC: d4:be:d9:3c:98:44
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: BRW40B89A5C6A16 IP: 192.168.1.79 MAC: 40:b8:9a:5c:6a:16
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: janes-?iPad IP: 192.168.1.74 MAC: 24:a0:74:41:bf:8d
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.72 MAC: c0:18:85:bf:8f:c9
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: Unknown-?00-?22-?61-?ba-?7c-?bc IP: 192.168.1.71 MAC: 00:22:61:ba:7c:bc
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: Monica-?PC IP: 192.168.1.70 MAC: c4:17:fe:57:1d:ac
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: DESKTOP-?U3SG1NM IP: 192.168.1.66 MAC: b4:ae:2b:35:34:eb
01:44:17, 10 Apr.
( 119.650000) Device disconnected: Hostname: Monicas-?Lumia-?735 IP: 192.168.1.65 MAC: 3c:83:75:23:98:c0
01:44:12, 10 Apr.
ath00: STA 3c:83:75:23:98:c0 IEEE 802.11: Client disassociated
01:44:11, 10 Apr.
BLOCKED 2 more packets (because of Packet invalid in connection)
01:44:11, 10 Apr.
( 114.600000) Device disconnected: Hostname: Janes-?iPhone IP: 192.168.1.97 MAC: b8:53:ac:05:64:2a
01:44:11, 10 Apr.
( 114.600000) Device disconnected: Hostname: dhcpcd-?6-?6-?6-?Linux-?3-?0-?35-?-?armv7l-?Freescale-?58-?b0-?d4-?2a-?88-?d3 IP: 192.168.1.96 MAC: 58:b0:d4:2a:88:d3
01:44:11, 10 Apr.
( 114.600000) Device disconnected: Hostname: SELPHY_DHCP_INSTANCE_0 IP: 192.168.1.92 MAC: 60:12:8b:95:fb:80
01:44:11, 10 Apr.
( 114.600000) Device disconnected: Hostname: LGwebOSTV IP: 192.168.1.91 MAC: 30:a9:de:ee:7e:60
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.83 MAC: d4:be:d9:3c:98:44
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: BRW40B89A5C6A16 IP: 192.168.1.79 MAC: 40:b8:9a:5c:6a:16
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: janes-?iPad IP: 192.168.1.74 MAC: 24:a0:74:41:bf:8d
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.72 MAC: c0:18:85:bf:8f:c9
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: Unknown-?00-?22-?61-?ba-?7c-?bc IP: 192.168.1.71 MAC: 00:22:61:ba:7c:bc
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: Monica-?PC IP: 192.168.1.70 MAC: c4:17:fe:57:1d:ac
01:44:11, 10 Apr.
( 114.590000) Device disconnected: Hostname: DESKTOP-?U3SG1NM IP: 192.168.1.66 MAC: b4:ae:2b:35:34:eb
01:44:10, 10 Apr.
OUT: BLOCK [9] Packet invalid in connection (UDP [fe80:0000:0000:0000:dd8b:cf4f:a964:5fec]:546-?>[ff02:0000:0000:0000:0000:0000:0001:0002]:547 on ath00)
01:44:10, 10 Apr.
BLOCKED 2 more packets (because of Packet invalid in connection)
01:44:10, 10 Apr.
OUT: BLOCK [9] Packet invalid in connection (UDP [0.0.0.0]:68-?>[255.255.255.255]:67 on ath00)
01:44:10, 10 Apr.
( 113.030000) Lease for IP 192.168.1.65 renewed by host Monicas-?Lumia-?735 (MAC 3c:83:75:23:98:c0). Lease duration: 30240 min
01:44:10, 10 Apr.
( 113.030000) Device connected: Hostname: Monicas-?Lumia-?735 IP: 192.168.1.65 MAC: 3c:83:75:23:98:c0 Lease time: 30240 min. Link rate: 52.8 Mbps
01:44:10, 10 Apr.
( 112.970000) Lease requested
01:44:07, 10 Apr.
ath00: STA 3c:83:75:23:98:c0 IEEE 802.11: Client associated
01:43:56, 10 Apr.
BLOCKED 1 more packets (because of Spoofing protection)
01:43:55, 10 Apr.
BLOCKED 1 more packets (because of Default policy)
01:43:55, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 192.168.1.254-?>224.0.0.22 on ptm0.101)
01:43:55, 10 Apr.
BLOCKED 1 more packets (because of Spoofing protection)
01:43:55, 10 Apr.
IN: BLOCK [12] Spoofing protection (IGMP 192.168.1.254-?>224.0.0.22 on ptm0)
01:43:55, 10 Apr.
OUT: BLOCK [15] Default policy (ICMP Packet is not a request packet: ICMPv6 type 143 code 0 fe80:0000:0000:0000:a21b:29ff:fe75:9255-?>ff02:0000:0000:0000:0000:0000:0000:0016 on ptm0)
01:43:51, 10 Apr.
OUT: BLOCK [15] Default policy (ICMP Packet is not a request packet: ICMPv6 type 143 code 0 fe80:0000:0000:0000:a21b:29ff:fe75:9255-?>ff02:0000:0000:0000:0000:0000:0000:0016 on ptm0.101)
01:43:48, 10 Apr.
( 91.600000) PTM over DSL is up
01:43:41, 10 Apr.
( 84.260000) CWMP: session closed due to error: No response
01:43:41, 10 Apr.
( 84.240000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username
01:43:41, 10 Apr.
( 84.230000) CWMP: Session start now. Event code(s): '1 BOOT,M Reboot,4 VALUE CHANGE'
01:43:10, 10 Apr.
( 52.980000) CWMP: session closed due to error: No response
01:43:04, 10 Apr.
( 47.450000) Device disconnected: Hostname: Janes-?iPhone IP: 192.168.1.97 MAC: b8:53:ac:05:64:2a
01:43:04, 10 Apr.
( 47.440000) Device disconnected: Hostname: dhcpcd-?6-?6-?6-?Linux-?3-?0-?35-?-?armv7l-?Freescale-?58-?b0-?d4-?2a-?88-?d3 IP: 192.168.1.96 MAC: 58:b0:d4:2a:88:d3
01:43:04, 10 Apr.
( 47.420000) Device disconnected: Hostname: SELPHY_DHCP_INSTANCE_0 IP: 192.168.1.92 MAC: 60:12:8b:95:fb:80
01:43:04, 10 Apr.
( 47.410000) Device disconnected: Hostname: LGwebOSTV IP: 192.168.1.91 MAC: 30:a9:de:ee:7e:60
01:43:04, 10 Apr.
( 47.400000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.83 MAC: d4:be:d9:3c:98:44
01:43:04, 10 Apr.
( 47.390000) Device disconnected: Hostname: BRW40B89A5C6A16 IP: 192.168.1.79 MAC: 40:b8:9a:5c:6a:16
01:43:04, 10 Apr.
( 47.390000) Device disconnected: Hostname: janes-?iPad IP: 192.168.1.74 MAC: 24:a0:74:41:bf:8d
01:43:04, 10 Apr.
( 47.380000) Device disconnected: Hostname: DESKTOP-?D1B3M8V IP: 192.168.1.72 MAC: c0:18:85:bf:8f:c9
01:43:04, 10 Apr.
( 47.380000) Device disconnected: Hostname: Unknown-?00-?22-?61-?ba-?7c-?bc IP: 192.168.1.71 MAC: 00:22:61:ba:7c:bc
01:43:04, 10 Apr.
( 47.370000) Device disconnected: Hostname: Monica-?PC IP: 192.168.1.70 MAC: c4:17:fe:57:1d:ac
01:43:04, 10 Apr.
( 47.370000) Device disconnected: Hostname: DESKTOP-?U3SG1NM IP: 192.168.1.66 MAC: b4:ae:2b:35:34:eb
01:43:00, 10 Apr.
( 43.570000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username
01:43:00, 10 Apr.
( 43.460000) CWMP: Session start now. Event code(s): '1 BOOT,M Reboot,4 VALUE CHANGE'
01:43:00, 10 Apr.
( 42.990000) CWMP: Initializing transaction for event code 1 BOOT
01:42:57, 10 Apr.
( 40.190000) WiFi auto selected channel 48
01:42:57, 10 Apr.
( 40.190000) 36-?94::44-?94::52-?92::60-?92::100-?92::108-?92::116-?95::124-?96::132-?97::40-?94::48-?93::56-?92::64-?93::104-?93::112-?93::120-?95::128-?96::136-?97
01:42:57, 10 Apr.
( 40.190000) 5 GHz Wireless: Rescan, Reason: 'Power-?up'
01:42:57, 10 Apr.
( 40.190000) Wire Lan Port 1 up
01:42:56, 10 Apr.
( 39.410000) WAN Auto-?sensing running.
01:42:51, 10 Apr.
( 34.390000) System up, firmware version: 4.7.5.1.83.8.204.1.11 (Type A)
01:42:44, 10 Apr.
( 26.910000) WPA2 mode selected
01:42:44, 10 Apr.
( 26.910000) WPS enabled
01:42:42, 10 Apr.
( 24.950000) WPA2 mode selected
01:42:42, 10 Apr.
( 24.950000) WPS enabled
01:42:33, 10 Apr.
( 16.130000) System start TR069
01:41:59, 10 Apr.
(172368.160000) PPP LCP Send Termination Request [User request]
01:41:57, 10 Apr.
(172366.420000) CWMP: session completed successfully
01:41:57, 10 Apr.
(172366.420000) The system is going DOWN for reboot.
01:41:55, 10 Apr.
(172364.160000) CWMP: HTTP authentication success from https://pbthdm.bt.mo
01:41:53, 10 Apr.
(172362.110000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username
01:41:53, 10 Apr.
(172362.110000) CWMP: Session start now. Event code(s): '6 CONNECTION REQUEST,4 VALUE CHANGE'
01:41:52, 10 Apr.
(172361.630000) CWMP: Initializing transaction for event code 6 CONNECTION REQUEST
01:34:52, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [61.177.20.236]:11549-?>[86.128.232.23]:22 on ppp3)
01:34:09, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [193.0.175.67]:50835-?>[86.128.232.23]:22 on ppp3)
01:32:35, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [122.224.35.99]:29942-?>[86.128.232.23]:8080 on ppp3)
01:30:28, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [78.31.67.69]:46001-?>[86.128.232.23]:443 on ppp3)
01:29:13, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [218.0.92.67]:15474-?>[86.128.232.23]:22 on ppp3)
01:26:55, 10 Apr.
IN: BLOCK [16] Remote administration (ICMP type 8 code 0 121.69.49.1-?>86.128.232.23 on ppp3)
01:23:22, 10 Apr.
IN: BLOCK [16] Remote administration (ICMP type 8 code 0 203.178.148.19-?>86.128.232.23 on ppp3)
01:20:44, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [218.109.166.225]:60990-?>[86.128.232.23]:22 on ppp3)
01:13:11, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [64.125.239.62]:41209-?>[86.128.232.23]:22 on ppp3)
01:11:09, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [103.207.37.71]:41251-?>[86.128.232.23]:22 on ppp3)
00:59:42, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [42.7.26.15]:9090-?>[86.128.232.23]:22 on ppp3)
00:56:21, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [103.207.36.20]:59599-?>[86.128.232.23]:22 on ppp3)
00:43:24, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [115.231.222.134]:49251-?>[86.128.232.23]:80 on ppp3)
00:42:06, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [190.214.69.250]:16917-?>[86.128.232.23]:22 on ppp3)
00:34:19, 10 Apr.
IN: BLOCK [16] Remote administration (TCP [130.0.236.13]:50212-?>[86.128.232.23]:22 on ppp3)
00:24:08, 10 Apr.
(167698.080000) Device disconnected: Hostname: SELPHY_DHCP_INSTANCE_0 IP: 192.168.1.92 MAC: 60:12:8b:95:fb:80
00:24:08, 10 Apr.
(167698.080000) Device disconnected: Hostname: Janes-?iPhone IP: 192.168.1.97 MAC: b8:53:ac:05:64:2a

0 Ratings
Reply
smf22
Recognised Expert
477 Views
Message 5 of 7

Re: HH 5A reboots every 2-3 days with TR069 activity

Not much to add on the basis of the log you provided. There are the obvious port scans from hosts on the Internet looking for vulnerable services on your device, but otherwise nothing of any note really.

 

The message at 01:41:52 is in response to a legitimate connection from the BT Auto Configuration Server (ACS) that is used by BT to manage the Hubs. The CPE WAN Management Protocol (CWMP) doesn't allow remote connections to a CPE, but what is allowed is that the ACS can establish a connection to the Hub, that causes the Hub to initiate a 'call home' i.e., making a connection to a known, configured server. This is to increase security.

 

It may be that BT are attempting to upgrade the firmware as there's at least one more recent version than the one your Hub is running, that being 4.7.5.1.83.8.222.1.1. And there's supposed to be new software for the Hub 5 in 'early 2017' to provide support for IPv6 on those Hubs.

 

 

As @Liam_ says, if you really want control, then using a third party router is the best option, but if you can live with the reboots in the middle of the night, it may be worth hanging on for a while and see if it settles down. 

 

Regards

0 Ratings
Reply
Mike_AP
Aspiring Contributor
450 Views
Message 6 of 7

Re: HH 5A reboots every 2-3 days with TR069 activity

Many thanks smf22, and Liam. Will wait and see if it settles again. Had noticed the firmware was old, but can't see why update should be blocked. The other slight oddity is that the down rate seems to be capped at 35 Mbps, which happens to be our "guaranteed minimum", but it has been since Infinity was activated. Ah well, strange are the ways...

0 Ratings
Reply
Sage
Sage
446 Views
Message 7 of 7

Re: HH 5A reboots every 2-3 days with TR069 activity

Post lines 1 - 12 from troubleshooting/helpdesk and we'll be able to see if you should be able to get a bit more speed out of your connection.

0 Ratings
Reply