Windows XP SP3 Causing Router Crashes 337
KrispyBytes writes "Windows XP SP3 has been named as the culprit causing home routers to go into a crash and reboot cycle. One router maker has released firmware updates to fix the problem, but has not yet revealed what is actually different about XP SP3's networking stack or UPnP behaviour that causes the problem. Router maker Billion Managing Director Raaj Menon said "as Microsoft plans to make Windows XP SP3 an automatic upgrade this month, the number of affected routers may increase significantly.""
Maker? (Score:0, Informative)
No lies, just a bad track record. (Score:2, Informative)
Happened to me... (Score:2, Informative)
Re:Other Glitches? (Score:4, Informative)
Boot a live Linux CD such as Knoppix and see if it works. It's a handy way to swap OS for testing.
Same as Vista (Score:5, Informative)
From http://www.winsupersite.com/faq/xp_sp3.asp [winsupersite.com]
"Black hole" router detection algorithm. XP gains the ability to ignore network routers that incorrectly drop certain kinds of network packets. This, too, is a feature of Windows Vista.
Re:Other Glitches? (Score:2, Informative)
Re:Same as Vista (Score:1, Informative)
That has been around for years, it's called path MTU discovery.
And frankly, if unusual packets crash a router, the problem is with the router.
Re:Blaming the wrong programmers (Score:5, Informative)
Re:Well that explains everything. (Score:3, Informative)
Here's the technical reason (Score:5, Informative)
"After detail analysis, we found that Windows XP SP3 sent out the DHCP packet with the Option 43 data (include Microsoft's 'Vendor Specific Information'), but Windows XP SP2 sent out the DHCP packet without the Option 43 data. However, the Option 43 data is not compatible with Billion's original definition, so it will cause this problem. The affected firmware versions of BiPAC 5200 series are 2.9.8.x and 2.11.0.x~2.11.33.x. There is no impact to BiPAC 5200 series if the firmware is 2.10.x.x. Please check Appendix A for checking your current firmware version."
http://au.billion.com/downloads/Notice-Billion-5200-series-via-Windows-SP3.pdf [billion.com]
Re:Not surprising (Score:4, Informative)
Re:Buggy Routers (Score:3, Informative)
Interfaces that comply with the Ethernet standard are transformer isolated (except for the brain-damaged idea of POE, but only the most idiotic router designers would implement that (and even POE should be fused)).
Re:What if the router ran Linux? (Score:2, Informative)
If it turns out that XPSP3 is sending broken UPnP traffic to the router, then MS is a valid flame target for not following the spec properly. That does however not absolve the router.
Re:Before anyone goes on a MS rant (Score:1, Informative)
if a router crashes , its the ROUTERS fault.
Doesn't matter whats on the network. No need to analyze anything.
Re:Before anyone goes on a MS rant (Score:1, Informative)
http://technet2.microsoft.com/windowsserver2008/en/library/60f9e0c6-dfb3-4ead-aa12-3ba7653664fd1033.mspx?mfr=true
Of course most routers are not protocol-aware of these, and due to the unexpected use of such protocols, the effects on routers could manifest the reboots that we see. So SP3 IS relevant since it is the ONLY thing that has changed. What this implies to me is that, again, someone dropped the ball in the testing department at either MS or the router(s) companies. These things are going to happen whether its MS, Linux, MAC, Solaris, etc. if updates are deployed without fully testing.
Re:Here's the technical reason (Score:5, Informative)
Re:XP3 or the router's fault? (Score:3, Informative)
> I completely disagree with the Windows fanboys who claim this is a non-story.
I claim it's a non-story and I sure as hell am not a "Windows fanboy".
Re:Glad I disabled auto-updates (Score:5, Informative)
one model from one manufacturer (Score:5, Informative)
This only affects one model (BiPAC 5200) wireless broadband router, from one manufacturer (Billion), who's firmware has a bug. The model in question is found in Australia and Europe. A firmware update is available for download. End of story.
Re:Glad I disabled auto-updates (Score:5, Informative)
Right, until a "critical security update" turns that option right back on. Better to just turn off Automatic Updates and disable Security Center in Administrative Tools > Services so it stops whining about your computer "not being protected".
Re:RTFRFC (Score:3, Informative)
Comment removed (Score:5, Informative)
Re:Not surprising (Score:5, Informative)
"Spanning tree malformations can do it".
The parent is either a wickedly funny troll, or an ignorant parrot. I just can't make up my mind..
Re:Not surprising (Score:5, Informative)
See though, here's the thing... who do you blame?
In a way it is (caused by) SP3... (because) of something the router cannot handle.
So, it raises a few better questions than the ones being raised here (the blame game):
- (ROUTER'S FAULT) Why can't the router handle whatever type of traffic - and should it? At the very least, as a possible attack vector for routers, shouldn't it?
- (NOT NECESSARILY SP3's FAULT, BUT STILL AN ISSUE) Why is SP3 generating such traffic? What type of traffic is it generating? Could this traffic be considered (or detected elsewhere as) a DOS attack of some sort? (We do know that enough SYN packets will crash various routers - even high end ones). What is SP3 actually attempting to do (regardless of HOW, the more important questions are WHAT and WHY).
So, while the router may be at fault for the behavior due to the type of traffic, SP3 is at fault for generating traffic of a nature that is not needed (in any way I can think of) to utilize the Internet... and considering some of the new ad and update and spyware and DRM technologies that MS is trying to bring over to XP (see previous /. articles, various MS patents and more regarding their search plans, "Live" product plans and more)... is this traffic not just flawed, but totally unwanted and intrusive? Or is it simply a screw-up on MS's part that happened to indicate vulnerabilities in various routers?
See the thing is, the reasons MS has such code creating such traffic may be important (or simply a screw-up)... but regardless of that, it showed vulnerabilities in various routers... but regardless of that, it also showed some sort of traffic that SP3 generates that may also be the cause of other routers (that arent affected adversely by such traffic) detecting as an attack of some sort, causing all sorts of other issues (for instance, a subnet or port being shut down to block the traffic).
Think how wonderful that would be if it was at a large company, medical institution, school, EMS station, etc... where all their machines were on a NAT network, and one of them that got upgraded to SP3 suddenly got their single shared IP blocked from the Internet.
So, I think there may be plenty of blame to point at both MS and the router manufacturers...
But the sad thing is, (and I am loathe to say this on /. where I am expected to make judgements based off little or no facts), until enough facts come out (showing what type of traffic, why the traffic is being generated, and what unaffected routers do when they receive the traffic), the only blame so far is:
- MS for doing something (traffic wise) that no other device or OS manufacturer seems to have ever done before.
- The router manufacturers in question for having an implementation that is not robust enough to survive such traffic without crashing.
Re:Glad I disabled auto-updates (Score:3, Informative)
Don't just disable it, remove it from your System. It's just another networking service and it can be un-installed.
Although, as the parent poster mentioned, it's not beyond Microsoft to re-install it as part of a Service Pack/Security Update. (See Windows Messenger).
Billion is wrong here... (Score:1, Informative)
Option 43 data (include Microsoftâ(TM)s âVendor Specific Informationâ(TM)), but Windows XP SP2 sent
out the DHCP packet without the Option 43 data. However, the Option 43 data is not
compatible with Billionâ(TM)s original definition, so it will cause this problem. The affected firmware
versions of BiPAC 5200 series are 2.9.8.x and 2.11.0.x~2.11.33.x. There is no impact to BiPAC
5200 series if the firmware is 2.10.x.x. Please check Appendix A for checking your current
firmware version."
Option 43 data is optional based on the standard (http://www.faqs.org/rfcs/rfc2132.html) it should not be causing the router to crash. Based on what I'm seeing I would think any other operating system and/or setup that sent option 43 data to this router would cause the crash.