Odyssey Posted September 12, 2021 Share Posted September 12, 2021 (edited) The Issue ====== Docker - unavailable update (even after forced update) App store - Hanging at load (spotty connection despite working for a few minutes at a time) - times out Plugins - not available status - no connectivity I've tried numerous things to fix this and have spent 2 days so far. Setting DNS to google 8.8.8.8 | 8.8.4.4 and cloudflare 1.1.1.2 | 1.0.02 - no luck modified Go file with sed -i 's#@Docker-Content-Digest:\\s*\(.*\)@#\@Docker-Content-Digest:\\s*\(.*\)@i#g' /usr/local/emhttp/plugins/dynamix.docker.manager/include/DockerClient.php attempted switch from auto DNS to static DNS nslookup google.com - timeout ping - timeout removed network.cfg file and reboot - pulls IP read DNS - still no connectivity to any 3 services listed above removed almost all plugins Network side ==== double checked settings on Udm pro - DNS changes | VLAN assignment changes | etc ===================== **at some points making changes to network causes the unraid to hang and eventually crash the UI when working on it from another pc on the LAN** **UPDATE 9/13/21** After investigating into my IPS via the UDM Pro it seems as though the Unraid server is attempting to reach out to russia for the DNS? ET DNS Query for .su TLD (Soviet Union) Often Malware Related Severity Medium TypePotentially Bad Traffic CategoryIPS_VALUES_CATEGORY_EMERGING-DNS Interfacebr20 Source - unraid IP : 46115 Destination - internal Gateway IP : 53 Protocol - dns It's showing up as trying every port number it possibly can to reach out to the internet, Since this is stemming from the unraid server ( no array running, no dockers, no plugins active) -- would it be safe to say that this could be considered a false positive? ======================== Any advice or guidance with this would be greatly appreciated it. This happens then all of a sudden for a few days starts working then stops again. Thanks in advanced. Sorry if this is a double post -- it's my first one tower-diagnostics-20210912-0745.zip Edited September 13, 2021 by Odyssey Updating with new findings Quote Link to comment
Squid Posted September 12, 2021 Share Posted September 12, 2021 1 hour ago, Odyssey said: sed -i 's#@Docker-Content-Digest:\\s*\(.*\)@#\@Docker-Content-Digest:\\s*\(.*\)@i#g' /usr/local/emhttp/plugins/dynamix.docker.manager/include/DockerClient.php Remove that line and reboot. It's not necessary I'd reboot all the networking equipment also. Beyond that, not much help since I don't have any experience with VLANs Quote Link to comment
Odyssey Posted September 13, 2021 Author Share Posted September 13, 2021 I removed the line. Restarted but still nothing. It's strange cause even if it's not on a VLAN now it still does the same thing. No matter the DNS settings on either side. I originally had nextcloud installed and removed it and then these issues started up again. I've removed almost every plugin tried creating a new USB key with unraid without success. The Mac address and ip and dns are pulled but for some reason something in the system Quote Link to comment
Squid Posted September 13, 2021 Share Posted September 13, 2021 On 9/12/2021 at 8:53 AM, Odyssey said: After investigating into my IPS via the UDM Pro it seems as though the Unraid server is attempting to reach out to russia for the DNS? ET DNS Query for .su TLD (Soviet Union) Often Malware Related What were you doing when this happened? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.