Windows XP SP3 Causing Router Crashes

KrispyBytes writes "Windows XP SP3 has been named as the culprit causing home routers to go into a crash and reboot cycle. One router maker has released firmware updates to fix the problem, but has not yet revealed what is actually different about XP SP3's networking stack or UPnP behaviour that causes the problem. Router maker Billion Managing Director Raaj Menon said "as Microsoft plans to make Windows XP SP3 an automatic upgrade this month, the number of affected routers may increase significantly.""

Maker?

[Anonymous Coward]

One router maker has

I think you meant manufacture

No lies, just a bad track record.

[hikaricloud]

As for the service pack not crashing routers, they actually do have the ability. So no MS bashing for me, just truth. Microsoft just has a bad run with service packs for XP, huh? SP3 has also been the culprit for a lot of machines just up and crashing. At both of our shops, we've gotten scads of machines, all with the same issues, all caused by an SP3 update. It's insane. First ME, then XP SP2, then Vista, now SP3. Microsoft really wants to be the evil empire, don't they?

Happened to me...

[flar2]

This happened to me. I booted into Windows XP for the first time in months just to check out SP3 and that same night my router went crazy, lights blinking on and off. It's a cheap no-name router, I'll have to find out what chipset it is and whether I can upgrade the firmware just in case I ever boot into Windows again.

Re:Other Glitches?

[couchslug]

"Second, the USB ports on my HP Port Replicator xb2000 (I believe) no longer function."

Boot a live Linux CD such as Knoppix and see if it works. It's a handy way to swap OS for testing.

Same as Vista

[Enderandrew]

SP3 borrows a Vista feature (presumably the same code) to detect "Router Black Holes".

From http://www.winsupersite.com/faq/xp_sp3.asp [winsupersite.com]

"Black hole" router detection algorithm. XP gains the ability to ignore network routers that incorrectly drop certain kinds of network packets. This, too, is a feature of Windows Vista.

Re:Other Glitches?

[punissuer]

Funny, but IMHO Windows' support for USB still sucks. Sometimes my XP Home machine boots up and totally ignores my USB keyboard. Unplugging the kb and plugging it back in fixes the issue temporarily, but why should I have to do that? The motherboard setup program has no such issues, and neither do any Linux distros I've tried.

Re:Same as Vista

[Anonymous Coward]

SP3 borrows a Vista feature (presumably the same code) to detect "Router Black Holes".

That has been around for years, it's called path MTU discovery.

And frankly, if unusual packets crash a router, the problem is with the router.

Re:Blaming the wrong programmers

[yomegaman]

The "article" is just a reprinted press release from Billion. Of course they blame SP3, since the alternative is admitting their products are buggy pieces of junk.

Re:Well that explains everything.

[Darkness404]

Ummmm... Switch to Linux/Mac/BSD/Plan 9/Solaris/Hurd/Syllable/FreeDOS/Haiku/Windows 95?

Here's the technical reason

[Anonymous Coward]

Quote from their website:

"After detail analysis, we found that Windows XP SP3 sent out the DHCP packet with the Option 43 data (include Microsoft's 'Vendor Specific Information'), but Windows XP SP2 sent out the DHCP packet without the Option 43 data. However, the Option 43 data is not compatible with Billion's original definition, so it will cause this problem. The affected firmware versions of BiPAC 5200 series are 2.9.8.x and 2.11.0.x~2.11.33.x. There is no impact to BiPAC 5200 series if the firmware is 2.10.x.x. Please check Appendix A for checking your current firmware version."

http://au.billion.com/downloads/Notice-Billion-5200-series-via-Windows-SP3.pdf [billion.com]

Re:Not surprising

[negRo_slim]

Lets not jump to blame this on Windows. It could be that Windows isn't doing anything wrong, just something the router should be able to handle, but can't. We can point fingers when we know what the actual issue causing the router problems is.

Ya know I agree, as I've had SP3 installed in one form or another for some time now. With nary a problem... Can't even remember the last time I had to cycle my linksys befsx41. Besides I fail to see why a router should ever be affected to such a degree by a computer on it's network. Really does sound like flawed workmanship.

Re:Buggy Routers

[John Hasler]

> ...such as dumping 110 V AC down all 8 pins

Interfaces that comply with the Ethernet standard are transformer isolated (except for the brain-damaged idea of POE, but only the most idiotic router designers would implement that (and even POE should be fused)).

Re:What if the router ran Linux?

[LarsG]

I`d say the router is worthy of flame no matter what OS it is running. A router must be stable, it should not crash even if you send complete random gibberish at it.

If it turns out that XPSP3 is sending broken UPnP traffic to the router, then MS is a valid flame target for not following the spec properly. That does however not absolve the router.

Re:Before anyone goes on a MS rant

[Anonymous Coward]

Are you fucking stupid or something ??

if a router crashes , its the ROUTERS fault.

Doesn't matter whats on the network. No need to analyze anything.

 

Re:Before anyone goes on a MS rant

[Anonymous Coward]

We all agree that computers should not be able to crash routers. However, SP3 includes their Next Gen TCP/IP stack that "complies" with several RFCs noted here:
http://technet2.microsoft.com/windowsserver2008/en/library/60f9e0c6-dfb3-4ead-aa12-3ba7653664fd1033.mspx?mfr=true
Of course most routers are not protocol-aware of these, and due to the unexpected use of such protocols, the effects on routers could manifest the reboots that we see. So SP3 IS relevant since it is the ONLY thing that has changed. What this implies to me is that, again, someone dropped the ball in the testing department at either MS or the router(s) companies. These things are going to happen whether its MS, Linux, MAC, Solaris, etc. if updates are deployed without fully testing.

Re:Here's the technical reason

[Richard_at_work]

Just to clarify the parent posters information, Option 43 (Vendor Specific Information) is a valid but optional part of the DHCP spec, covered in RFC 2132, part 8.4. A server not equipped to handle the Vendor Specific Information must ignore it.

Re:XP3 or the router's fault?

[John Hasler]

> While I agree that a router shouldn't crash no matter what an attached computer does,
> I completely disagree with the Windows fanboys who claim this is a non-story.

I claim it's a non-story and I sure as hell am not a "Windows fanboy".

Re:Glad I disabled auto-updates

[afidel]

I'm more glad I disabled uPnP, it's a very poorly designed spec with even crappier real world implementations. It's about the most bug-prone technology I know of.

one model from one manufacturer

[confused one]

This only affects one model (BiPAC 5200) wireless broadband router, from one manufacturer (Billion), who's firmware has a bug. The model in question is found in Australia and Europe. A firmware update is available for download. End of story.

Re:Glad I disabled auto-updates

[Ihmhi]

Right, until a "critical security update" turns that option right back on. Better to just turn off Automatic Updates and disable Security Center in Administrative Tools > Services so it stops whining about your computer "not being protected".

Re:RTFRFC

[Krunch]

Sorry I gave the wrong URL. DHCP is described in RFC 2131. RFC 2132 only lists valid options. http://www.ietf.org/rfc/rfc2131.txt [ietf.org]

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Not surprising

[Paul Jakma]

The parent poster shouldn't be modded informative. Their post is a jumble of random network related terminology (several of which have 0 bearing on home routers) into information-less sentences. E.g. *BGP* or IOS on a home router? "Cache tables" (did the poster misremember hearing someone say "hash tables"?). The crowning glory though:

"Spanning tree malformations can do it".

The parent is either a wickedly funny troll, or an ignorant parrot. I just can't make up my mind..

Re:Not surprising

[RobertM1968]

See though, here's the thing... who do you blame?

In a way it is (caused by) SP3... (because) of something the router cannot handle.

So, it raises a few better questions than the ones being raised here (the blame game):

- (ROUTER'S FAULT) Why can't the router handle whatever type of traffic - and should it? At the very least, as a possible attack vector for routers, shouldn't it?

- (NOT NECESSARILY SP3's FAULT, BUT STILL AN ISSUE) Why is SP3 generating such traffic? What type of traffic is it generating? Could this traffic be considered (or detected elsewhere as) a DOS attack of some sort? (We do know that enough SYN packets will crash various routers - even high end ones). What is SP3 actually attempting to do (regardless of HOW, the more important questions are WHAT and WHY).

So, while the router may be at fault for the behavior due to the type of traffic, SP3 is at fault for generating traffic of a nature that is not needed (in any way I can think of) to utilize the Internet... and considering some of the new ad and update and spyware and DRM technologies that MS is trying to bring over to XP (see previous /. articles, various MS patents and more regarding their search plans, "Live" product plans and more)... is this traffic not just flawed, but totally unwanted and intrusive? Or is it simply a screw-up on MS's part that happened to indicate vulnerabilities in various routers?

See the thing is, the reasons MS has such code creating such traffic may be important (or simply a screw-up)... but regardless of that, it showed vulnerabilities in various routers... but regardless of that, it also showed some sort of traffic that SP3 generates that may also be the cause of other routers (that arent affected adversely by such traffic) detecting as an attack of some sort, causing all sorts of other issues (for instance, a subnet or port being shut down to block the traffic).

Think how wonderful that would be if it was at a large company, medical institution, school, EMS station, etc... where all their machines were on a NAT network, and one of them that got upgraded to SP3 suddenly got their single shared IP blocked from the Internet.

So, I think there may be plenty of blame to point at both MS and the router manufacturers...

But the sad thing is, (and I am loathe to say this on /. where I am expected to make judgements based off little or no facts), until enough facts come out (showing what type of traffic, why the traffic is being generated, and what unaffected routers do when they receive the traffic), the only blame so far is:
- MS for doing something (traffic wise) that no other device or OS manufacturer seems to have ever done before.
- The router manufacturers in question for having an implementation that is not robust enough to survive such traffic without crashing.

Re:Glad I disabled auto-updates

[nosfucious]

Good point.

Don't just disable it, remove it from your System. It's just another networking service and it can be un-installed.

Although, as the parent poster mentioned, it's not beyond Microsoft to re-install it as part of a Service Pack/Security Update. (See Windows Messenger).

Billion is wrong here...

[Anonymous Coward]

This article I think is miss titled. As you can see if you read billions notes about the upgraded firmware, Billion not XP3 is to blame. From their document "After detail analysis, we found that Windows XP SP3 sent out the DHCP packet with the
Option 43 data (include Microsoftâ(TM)s âVendor Specific Informationâ(TM)), but Windows XP SP2 sent
out the DHCP packet without the Option 43 data. However, the Option 43 data is not
compatible with Billionâ(TM)s original definition, so it will cause this problem. The affected firmware
versions of BiPAC 5200 series are 2.9.8.x and 2.11.0.x~2.11.33.x. There is no impact to BiPAC
5200 series if the firmware is 2.10.x.x. Please check Appendix A for checking your current
firmware version."
Option 43 data is optional based on the standard (http://www.faqs.org/rfcs/rfc2132.html) it should not be causing the router to crash. Based on what I'm seeing I would think any other operating system and/or setup that sent option 43 data to this router would cause the crash.