Starting sometime last night (over 12 hours ago) I was suddenly disconnected from a remote server while I was working, and I can no longer connect to that one server. Nothing had changed on either my network or the remote server before this happened.
This issue is only happening when I try connecting through this DIR-820L device. Connecting directly through my cable modem or using cellular data is no problem, those connect as expected. It is also only happening with this one server.
I have tried:
- Updating firmware on the DIR-820L -- didn't help
- Doing a factory reset -- didn't help
- Doing a hard / physical reset (holding down the reset button for 10 (and then 30) seconds -- didn't help
- Connecting via both ethernet and wireless -- didn't help
- Connecting directly to my cable modem, bypassing the DIR-820L router -- was able to connect
- Connecting via my cell phone / cellular data -- was able to connect
- Connecting from another computer on the DIR-820L's network -- didn't help
After trying all of these things I am left with the conclusion that the issue is with the DIR-820L.
SSH, HTTP and other applications on different ports are not connecting via the router.
Interestingly, HTTP will partially connect (some data will get through) before the connection dies.
SSH is able to connect and get the server's SSH version, but the connection dies while it is trying to negotiate the protocol. Here is debug information from SSH as it tries to connect:
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
After SSH2_MSG_KEXINIT is sent the connection dies and nothing is received from the server again.
And on the server's side, it sees that it is disconnecting before the authorisation portion of the protocol starts.
Dec 9 14:04:13 username sshd: Connection closed by <My IP> [preauth]
Now what is really odd is that in the router's logs I am seeing messages like this when trying to connect via SSH:
Dec 9 13:18:02 HARAMBE user.emerg kernel: DROP: IN=br0 OUT=eth1 SRC=<My local IP> DST=<Remote server's IP> LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=16264 DF PROTO=TCP SPT=64747 DPT=222 SEQ=2698952732 ACK=3242161784 WINDOW=4117 RES=0x00 ACK FIN URGP=0 OPT (0101080A20C5758200DE25C101010
That ACK FIN packet is really confusing me.
To reiterate: this problem is only happening with one server, it started happening arbitrarily last night, and I can connect to the server fine from other connections that aren't going through the DIR-820L router.
I do not have the firewall, QoS, virtual servers, etc., turned on. And this problem happens both with ethernet and wireless.
Is there some kind of outbound firewall that is blocking my connection? Why is the IN interface labelled br0 (ie a bridge)?
I am wondering if anybody else has had this problem, has any insights or suggestions; or if I should just trash this router and move to another brand (as I always seem to have random unexplainable problems like this with D-Link brand devices).
Thanks in advance!