VMG1312-B10A: Bugs: Difference between revisions
m (→Updates) |
|||
Line 155: | Line 155: | ||
2015-07-02 |
2015-07-02 |
||
====Updates==== |
====Updates==== |
||
2015-07- |
2015-07-06 Report sent to ZyXEL with example HTTP header, PCAP and config file |
||
====Resolution==== |
====Resolution==== |
Revision as of 09:16, 6 July 2015
This page lists the problems we have found and raised regarding the ZyXEL VMG1312.
Problem List
TL;DR (Brief overview of the problems listed below)
The main problems are:
- MTU 1500 is not supported on some setups (Internet access will still work fine, but we'd like 1500) - (ZyXEL say they should be able to support this soon)
- VPNs may not reconnect if PPP drops - until you unplug and replug the LAN-side ethernet cable! We saw this same thing last year with Huawei HG612, which use the same chipset. (ZyXEL HQ are investigating having seen this demonstrated in our offices)
- Many of these issues are being held up as ZyXEL's developers are working on getting the router through BT's 'conformance testing' (SIN 498). Some of the bugs below are actually requirements in BT's testing, so we expect them to be fixed as part of this.
Bridging 1508 bytes ethernet
Issue Description
Bridging does work, but we'd very much like the router to support baby jumbo frames bridging to VDSL and ADSL, to support *at least* 1508 bytes to allow RFC4638 PPPoE to a connected device.
Date Reported
2015-02-19
Updates
- 2015-02-19 ZyXEL development team aware, and are looking in to whether they can support this feature.
- 2015-03-28 Still ZyXEL HQ are still evaluating the effort to make this change.
- 2015-04-14 ZyXEL are working on supporting larger Ethernet frame sizes as part of the 'BT Lab modem conformity tests' (SIN 498). No ETA though.
- 2015-06-02 This has been chased with ZyXEL, we expect some form of update in the next couple of days
- 2015-06-03 Software Patch 6 is nearing release but we don't have details of which open issues are solved in this.
- 2015-06-09 We are chasing for further updates
- 2015-06-10 ZyXEL R&D resource is tied up and focus is on getting BT testing completed/passed, this feature is required to pass BT testing anyway, so we need to wait for the testing to complete and pass and then we should expect new software
- 2015-06-25 ZyXEL UK have been reminded again, and in turn they will be chasing up ZyXEL HQ. We're still waiting for the router to pass BT conformance testing
Resolution
None yet.
IPv6 RA on LAN
Issue Description
We are seeing a slight issue with IPv6 RA on the LAN. We are getting a prefix from the PPP link on VDSL. When PPP comes up, several seconds later the router does a DHCPv6 on the WAN, and then does an RA on the LAN, which works. We are puzzled by the noticeable delay in DHCPv6 PD which delays IPv6 connectivity. If PPP drops for any reason it appears to withdraw the RA on the LAN immediately, which is fine. However, when PPP reconnects it does not re-send the DHCPv6 on the WAN. This may be deliberate, and in our case it is probably OK, but it is something of an assumption that the previous DHPCv6 remains valid on the PPP after a reconnect. I'd suggest a new WAN RA/DHCPv6 immediately on every reconnect. Also, it seems not to send an RA on the LAN again for some minutes. This means there is a significant gap in IPv6 availability if there is a PPP drop from any reason.
Date Reported
2015-02-19
Updates
- 2015-02-19 In hand with ZyXEL.
Resolution
None yet.
MLD snooping
Issue Description
There is no way to enable MLD snooping on the LAN interface group without also enabling the router's Router Advertisement feature. This contrasts to IPv4, where I can disable the router's DHCP server but still enable IGMP snooping.
Date Reported
2015-03-06
Updates
None yet.
Resolution
None yet.
PPPoE Session-ID caching bug (In Bridge mode)
Issue Description
Last year we had an problem with Huawei FTTC modems, the standard ones that Openreach supply The bug appears to be that the modem manages to "blacklist" some UDP packets after a PPP restart. Typically this affects VPN tunnels. The short term fix is to unplugged and plugged back in!
We now have what looks to be the same fault on the ZyXELs - both on ADSL and VDSL.
When a PPPoE session finishes and a new one starts, ethernet frames containing IP packets with the same source and destination IP and port combination that were used in the previous session are received with the PPPoE Session-ID from the earlier session.
This affects long running sessions using protocols which use the same source port for all communications. This includes IPsec and (in some circumstances) SIP.
Our understanding of this, having talked to Huawei last year to get a very similar bug fixed is that the problem is with the packet accelerator feature in the Broadcom chipset. It is caching frame headers including the PPPoE Session-ID, but not checking if the Session-ID is the same when searching for the entry in the cache for subsequent packets. Unplugging the ethernet cable from the VMG1312 momentarily resolves the problem - that action must trigger a cache flush in the Broadcom chipset.
Possible fixes would be to either not store the Session-ID in the packet accelerator cache at all, or to check the Session-ID in addition to the IP and ports when searching the cache. A workaround would be to disable the packet accelerator.
(Side note for other ISPs looking at this: This does not affect lines that have dynamic WAN addresses, which none of our service do.)
Date Reported
2015-05-06
Updates
- 2015-05-06 - Escalated with ZyXEL/Broadcom
- 2015-05-15 - ZyXEL staff came to AAISP offices and we demonstrated and discussed the problem
- 2015-06-02 - Still in hand with ZyXEL HQ reproducing this in their lab
Resolution
None yet.
PPP Login passwords can't be 9 characters long
Issue Description
The ZyXELs don't like being sent a configuration file that has the PPP password length of 9 characters.
Date Reported
2015-05-21
Updates
- 2015-05-26 ZyXEL HQ investigating
- 2015-05-27 ZyXEL confirm that this is a bug. We expect a later firmware to fix this.
Resolution
For the time being we'll use line passwords that are longer than 9 characters.
Crash/Quit when resizing SSH window
Issue Description
The router supports access to its CLI via SSH. There is a bug when resizing the SSH terminal window in that the SSH session will disconnect. In one case at least the router has crashed.
Date Reported
2015-05-29
Updates
None yet.
Resolution
None yet.
WebUI on iPad fails to load with error
Issue Description
When loading the web interface on an iPad the error: "depend on simpleModal plugin" is shown and the web UI cannot be used.
Date Reported
2015-06-23
Updates
None yet.
Resolution
None yet.
Low PADI retry time
Issue Description
When PPP or sync drops, the router will need to reconnect. Once in sync, the router will send a PADI packet to start the process of logging back in. It seems the router sends a PADI every 100 seconds or so. This causes unnecessary delay in reconnecting. -our FireBrick product, for example, will start of trying every 100 miliseconds before it starts backing off to every 2 seconds and then a maximum of every 10 seconds. We've asked ZyXEL for more information on the PADI retry and if it can be made to try more often than every 100 secnds.
Date Reported
2015-06-24
Updates
None yet.
Resolution
None yet.
Web UI Hangs (Broken HTTP/1.1)
Issue Description
Also see 'Web UI slow over WiFi (DoS Protection)' on this page.
The Web UI hangs.
A customer has found that the web pages responses seem to violate the HTTP/1.1 spec in that they use Connection: keep-alive, but do not include a Content-Length header or use chunked encoding. This then leaves the client hanging around until it gives up and closes the connection some time later. The end result of this is a VERY slow to load web interface (680s from the first request to the final resources loading). This issue was seen with both IE11 and Firefox 32.0.1 on Windows 8.1, connected over wireless to an A&A supplied VMG1312 running V1.00(AAJZ.5) C0.
Date Reported
2015-07-02
Updates
2015-07-06 Report sent to ZyXEL with example HTTP header, PCAP and config file
Resolution
None yet.
Resolved Problems
Below are details of problems that have been fixed.
Dropping PPP for 15-20 mins RESOLVED
Issue Description
We are seeing some lines, when in router mode (ie plugged in to the phone line and used as the router) drop PPP and do not re-establish PPP for 15-20 minutes. This is very odd. AAISP are investigating this as a priority. A work around is to use a separate DSL modem and configure the ZyXEL as a PPPoE router. This is not ideal, do talk to staff about this.
- Setting the VMG to bridge mode and using a separate PPPoE router works fine.
- Setting the VMG to PPPoE mode and using a separate VDSL modem works fine.
Date Reported
2015-06-23
Updates
- 2015-06-22 Reported to ZyXEL, staff still investigating and trying various config changes in order to test where the problem is
- 2015-06-24 AAISP still trying config changes to find a resolve to this. Further updates tomorrow
- 2015-06-24 It looks related to routers having Remote Management allowed from the WAN (Not our default setting), we are trying to capture the traffic that causes the line to drop
- 2015-06-26 Traffic captures and enabling and disabling various services shows that this could be caused by an SSH attack of some sort. Progress is still being made
- 2015-06-26 As this bug can be worked around by disabling Remote Management (especially SSH), then this is likely to be treated as low priority by ZyXEL
Resolution
Disable Remote Management access to the router (http/https/ssh/telnet). This is the default as set on AAISP side, but can be overridden.
Web UI slow over WiFi (DoS Protection) RESOLVED
Issue Description
Also see 'Web UI Hangs (Broken HTTP/1.1)' on this page.
When using the router's own wifi, viewing the web pages (http) is very slow. eg, 20 seconds to load the Wireless settings page. Switching to Wired the pages load as expected. Whilst the web UI is slow, telnet CLI and normal internet access is fine.
Date Reported
2015-06-16
Updates
2015-06-16 Preliminary investigations underway with AAISP staff looking in to it 2015-06-16 Disabling the DOS protection fixes this - it seems the router thinks it's being DOSd. We're still investigating this, for now we'll disable the DOS prevention setting in our configs
Resolution
None yet.
Port 1 - Ethernet settings wrong RESOLVED
Issue Description
It seems to be set to 100M fixed with no auto-negotiation. This results in a duplex mismatch when used with any auto-config port and results is slow speed and poor performance.
Date Reported
2015-02-16
Updates
- 2015-02-18 Inhand with ZyXEL.
- 2015-03-18 New software hopped for April
- 2015-04-14 New software available which fixes this issue, V1.00(AAJZ.5)C0
Resolution
Software: V1.00(AAJZ.5)b1| 03/13/2015 has the following release note:
[BUG FIX]1.[ITS:#141200518][TSF] VMG1312-B10A LAN1 interface speed issue.
QoS Issues RESOLVED
Issue Description
The QoS and traffic limiting features have the potential to be quite useful. However, the default QoS settings have problems if there is a large rsync (over ssh) upload in progress in that DNS queries time out. We have some QoS notes on ZyXEL_VMG1312-QoS.
Date Reported
2015-05-08
Updates
2015-05-15 A suitable configuration has been found
Resolution
Disabling default classes, and enabling QoS on packet length seems an all-round good solution See: ZyXEL VMG1312-QoS
Template to use for new problems
Issue Title
Issue Description
Description of Issue.
Date Reported
2015-00-00
Updates
None yet.
Resolution
None yet.