1

i noticed repeats of the following logs in my server:

Dec  3 21:55:27 alice-server kernel: [287677.084885] [UFW BLOCK] IN=ens18 OUT= MAC=01:00:5e:00:00:01:90:9a:4a:dc:31:62:08:00 SRC=192.168.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2

  1. Should i be concerned? I noticed a few similar posts saying this is an issue with multicast DNS server in the router. I don't understand what that means, greatly appreciate a layman explaination of that.

  2. My ip ranges for my home devices are 192.168.1.x so naturally when i saw an ip that is 192.168.0.1 i got alarmed! Should this be a concern? And what can i do to "boot" this ip out?

Thank you in advance.

Improve this question
7
  • DST=224.0.0.1 are IGMP Multicast discovery packets - see for example Strange dmesg UFW messages... lots of them
    – steeldriver
    Commented Dec 3, 2023 at 14:15
  • 3
    Does this answer your question? Strange dmesg UFW messages... lots of them
    – Marco
    Commented Dec 3, 2023 at 15:21
  • @Marco Thank you for that thread. It's a helpful explaination. As a follow-up, my concern on point 2 - the ip ranges, should i be worried that this ip is in 192.168.0.1 when all the devices in my network are in the .1.x range?
    – James
    Commented Dec 4, 2023 at 7:44
  • The vendor lookup of the MAC address shows "TP-Link", maybe this gives you a hint which device to search for.
    – Marco
    Commented Dec 6, 2023 at 7:29
  • @Marco thank you for the response. I'm curious how did you search for the vendor mac address. I pasted the whole address 01:00:5e:00:00:01:90:9a:4a:dc:31:62:08:00 into mac address sites and they kept showing info not found. May i know if there is something i am missing? Pardon me, i am still learning. Not well verse with networking stuff at all. Thank you! here's my error: imgur.com/a/ygxm77o
    – James
    Commented Dec 7, 2023 at 5:49

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .