nmap process failure?

Follow

Tim Irwin

• July 04, 2022 03:24

Hi,

I've just installed a new FWG. I was troubleshooting a problem with poor Internet performance and I found what appears to be an issue with the nmap process that is enabled when the "Device Port Scan" feature is enabled.

First, I did 100 pings ssh'd into the FWG and 100 pings from a computer on the internal network. The pings from the FWG itself were fine. I had packet loss and high latency & jitter (~500ms) on the pings THROUGH the FWG.

Poking around in the logs, I saw the following error message repeated:

2022-07-03 23:04:19 ERROR NmapSensor: Failed to scan: Error: RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0

    at /home/pi/firewalla/sensor/NmapSensor.js:329:25
    at ChildProcess.exithandler (child_process.js:286:7)
    at ChildProcess.emit (events.js:210:5)
    at maybeClose (internal/child_process.js:1021:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:283:5)

Turning off the "Device Port Scan" immediately resolved the issue. However, this error message seems to repeat when I click on the "Open Ports" option in the mobile GUI.

I also see another message repeating in the logs.

ERROR BroDetect: HeartBeat: Unable to find nif uuid, undefined, 33:33:00:00:00:0c

Box version 1.9740

App version 1.50

0

• 

  Firewalla

  • July 04, 2022 17:58

  How big is your LAN? do you have a /24 

  0

  Comment actions Permalink
• 

  Tim Irwin

  • July 04, 2022 18:44

  Yes, /24

  0

  Comment actions Permalink
• 

  Firewalla

  • July 05, 2022 22:18

  Tim, we may need some logs, can you go to the app, tap on the gears button, help and support, and open a case with us? (please do send logs)

  0

  Comment actions Permalink
• 

  Tim Irwin

  • July 05, 2022 23:09

  Will do. I still seem to be having issues with high latency and jitter. Problems started once I put eeros into bridge mode. Trying to isolate whether it is FWG or eeros.

  0

  Comment actions Permalink
• 

  Firewalla

  • July 05, 2022 23:13

  Latency to where? try to ping your firewalla gateway and see if it is the eero or your IP side.

  0

  Comment actions Permalink
• 

  Tim Irwin

  • July 06, 2022 13:30

  I *may* have resolved it last night. Finger crossed.

  I was experiencing high latency & jitter THROUGH the FWG but not TO it.

  I had the same eero topology for over a year but somehow switching from L3 to L2 caused problems. After a bunch of trial and error, I discovered that removing one of the eero Pro’s improved things dramatically. I now have 3 Pro 6’s and one Pro. I’m planning on replacing the Pro with a Pro 6.

  Latency and jitter have returned to normal. I suspect that the high latency was causing nmap timeouts.

  eero has a nice UI but it really sucks not being able to access any kind of logging to get an idea of what’s going on. :-/

  I have found that I can get temporary improvements but once eero’s optimization process runs, the initially good results get worse. I’ll give it 24 hours and see if things are stable.

  0

  Comment actions Permalink
• 

  Firewalla

  • July 06, 2022 16:07

  Are you using ethernet backhaul? if you are the eero satellite units need to connect to main eero unit's LAN port. If you connect them all to the same switch, that may generate high latency.

  0

  Comment actions Permalink

Please sign in to leave a comment.