Many users woke up today and suddenly found they were unable to access the internet.
The culprit appears to be a particularly risky single point of failure present in certain Belkin routers - if the router is unable to ping heartbeat.belkin.com it assumes the internet is down and stops all other traffic, and it seems that this site is broken.
Those of you left with internet access might be able to help your friends and neighbours get back online by following workarounds on Belkin's status page to manually point clients at alternate DNS servers.
More details are available at Ars, Reddit and DSL Reports.
This discussion has been archived.
No new comments can be posted.
Belkin Routers Suddenly Knocking Users Offline
|
Log In/Create an Account
| Top
| 18 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(Score: 4, Funny) by Dunbal on Wednesday October 08 2014, @03:31AM
The new guy at Belkin wondered why they were getting so many pings from everywhere and decided they were being DDOSed and shut down the site...
(Score: 2) by frojack on Wednesday October 08 2014, @03:37AM
Wow. How could they be that dumb!
There are a lot of places that do egress filtering on pings just to prevent DDOS, and a growing number of campuses and ISPs just block them. So all users behind one those think the router is toast and take it back to the store?
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Wednesday October 08 2014, @01:48PM
Or maybe he was briefed by some "security expert" that allowing pings of your computer was a security risk, and thus disabled IMCP on the server.
(Score: 2) by kaszz on Wednesday October 08 2014, @04:13AM
Belkin has a slight habit of screw ups like in November 2003 they implemented a man-in-the-middle session hijacking attack [wikipedia.org] and in 2009 it was time for the scam to pay for fake reviews along with fake logo certifications. Linksys products are within this company too.
Too bad there ain't any third strikes law for bad companies..
(Score: 4, Informative) by NoMaster on Wednesday October 08 2014, @07:08AM
By my count, this is like the 5th or 6th count in the last 10 or so years:
Various models & firmwares: broken or no support for IP multicast. Want to use iTunes sharing / Bonjour / Rendezvous? Too bad...
The only good thing about them is their "lifetime" support (though it's actually measured in rat lifetimes, not human or equipment lifetimes...). It's a true 'no questions asked replacement' 5 year warranty - as long as you bought from one of their short list of approved retailers, or you can get through to someone not reading from the script and waste weeks chasing them up until you get your replacement.
Live free or fuck off and take your naïve Libertarian fantasies with you...
(Score: 2) by kaszz on Wednesday October 08 2014, @01:15PM
Interesting!
If you can provide links to back up all claims then that list could be used on other places. Belkin seems like worse than run by assholes.
(Score: 2) by chromas on Wednesday October 08 2014, @07:43PM
It says it's a hash but mine had "var password=" with plain text. The firmware update just happened to not work on that specific model.
(Score: 4, Interesting) by PinkyGigglebrain on Wednesday October 08 2014, @04:23AM
I read the summary and the first thing that went through my mind is "WTF is a router doing phoning home", my next thought was "What kind of moron wrote the firmware?"
I don't use a commercial router/firewall device. I have a linux box running IPCop and an old "dumb" hub to connect everything. Only problems I've ever had with it was when CPU cooling fan started to fail, the BIOS started sounding an alarm every night just after midnight when the CPU load spiked compressing the previous days logs.
I can see a router checking for updates periodically, even IPCop does that, but having it kill all connectivity if the check fails is just inane. Glad I don't rely on Belkin products. Though I feel sorry for anyone who does, I've worked with a few small and home business that were using Belkin routers.
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 2) by kbahey on Wednesday October 08 2014, @03:08PM
This is why a router should be a solid state fanless no moving parts low power device that can be left running all the time.
I use a commercial router (D-Link DIR-835), but flash it with OpenWRT [openwrt.org]. You get a really fast, really stable router with lots of apps, and Linux inside as a bonus. And you don't have to deal with vendor crapware.
Some of the things I have done with it is showing bandwidth usage by device, logging to a USB storage device, dynamic DNS, ...etc.
Details here [baheyeldin.com] if anyone is interested.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning [2bits.com].
(Score: 2) by PinkyGigglebrain on Wednesday October 08 2014, @04:04PM
Well ..., it technically IS solid state, except for the fan and HD :)
But I totally agree with the point you make, it would be better if it had no moving parts at all. Less noise, less wear, less power consumption and a smaller footprint. Though the single board computer I'm using has a foot print about the same footprint as a WRT54.
I originally had a Linksys router/firewall but it needed to be rebooted every week or so, I think it had a memory leak or memory defrag issues, and I looked at one of the P3 SBCs w/ 3 on board NICs that I had sitting on a shelf and thought "What the Hells, it will work till I get a new router" Its been working so well the last 10 years I've never felt the need to replace it. I always say "If it works don't fuck with it"
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 2) by kbahey on Wednesday October 08 2014, @04:33PM
Yeah, if it works, don't fix it. Agree 1000%.
I have been using the D-Link DIR-835 [openwrt.org], and it has lots of RAM, plenty of flash and is very stable. Once I set it up to do something, I forget about it for months. Never need to reboot the router for any issue. Love it.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning [2bits.com].
(Score: 2) by Marand on Wednesday October 08 2014, @05:25AM
Is anybody actually surprised that something like this happened to a Belkin router? To take the point further, why does anybody expect anything better out of these devices that use odd, locked-down, no-options, "user friendly" firmware? You reap what you sow.
Anyway, now that the Belkin-bashing is out of my system, a bit of personal router experience:
I've been using a Buffalo [buffalotech.com] router for years now and it's been great. DD-WRT out of the box, easy initial setup, extremely flexible for more advanced configuration, and doesn't do weird crap like in TFS. It's also more than paid for itself just for the configuration and flexibility.
For example, being able to change which interface is the WAN port means it's useful in hotels: set the wireless up as the WAN port, set up a second AP for your own wireless devices, and you can connect wired or wireless devices through it. Lets you use the hotel wireless without losing LAN access among your networked devices, plus you benefit from any firewall rules you've got set up. Once I figured it out I've gotten a lot of use out of it.
Having your router be a small Linux system with a USB port is really useful, too. I re-created most of the read-only filesystem on a USB hard disk and set up a short script to mount the disk and then remount parts of it in place of the read-only parts (e.g. mount --bind /mnt/etc /etc/ to replace the read-only /etc/). That let me install extra tools, set up a persistent $HOME whose contents remains between boots, and create some custom scripts to do additional monitoring of traffic. As a bonus, it's a non-destructive change: if I remove the USB disk, the remounting fails and it acts just like a normal DD-WRT router without any of my personal hacks.
Finally, since I know it's coming: yes, I know you can do the same sort of things by putting a dedicated Linux machine between your other devices and the network. That's not generally as convenient, portable, or power efficient. A router with decent firmware is a good compromise.
(Score: 1) by Kunasou on Wednesday October 08 2014, @05:46AM
I have a Belkin router but I flashed it to DD-WRT, it completely changed. The stock firmware was really weird and bad translated, and some of the options didn't work well either. But now it works like a router should.
(Score: 2) by SlimmPickens on Wednesday October 08 2014, @08:38AM
I guess I shouldn't dredge up ancient clustering jokers
(Score: 2) by aristarchus on Wednesday October 08 2014, @09:18AM
Belkins have a heartbeat? They all share the _same_ heartbeat? One heart, many routers, resistance is futile, your uniqueness will be added to ours. OMG! Belkin is alive! Somebody kill it, before it is too late! Kill it with fire!!! (Or, alternatively, nuke it from orbit, it is the only way to be sure.)
(Score: 2) by VLM on Wednesday October 08 2014, @12:03PM
Maybe this is that famous internet kill switch that big brother guaranteed would result in our safety if we just let big brother decide who's allowed to talk to who and when, with big brother's permission of course.
I'm not kidding.
Given a dumb idea, implementations might be kinda dumb. This would not be inconsistent with that theory. Then again never assume malice if stupidity explains it just as well is a strong competing argument. Then again a dumb malicious idea could fall either way, and the internet kill switch fits that criteria.
(Score: 2) by VLM on Wednesday October 08 2014, @11:58AM
"That's not generally as convenient"
Really?
Like when there's a security patch in some software and dozens of guys with hundreds/thousands of mirrors have Debian patched up in hours and you might get patched up in mere days or weeks.
This ties in with security. For all intents and purposes you have a splinter distro that almost no one uses or maintains vs you can pick any of the popular server quality OS out there that are a zillion times the size and is very well taken care of by many people.
Also user friendly almost always isn't, and I already know my way around a linux box quite well and the impedance bump when logging into one that happens to be a firewall instead of a webserver is about zero, everything is where it should be, etc.
When a part breaks I can just grab it off the shelf or even grab a whole new machine and be up in about 10 minutes plus or minus netboot install and puppet config, right? Oh on a consumer router you have to click the mouse in a web page 50000 times over the course of 3 hours and of course theres no backup so you never really know if the new one is configured to do the same stuff the old one did. Thanks but no thanks.
Finally integration. If all my boxes run munin to watch fan RPM / temps and memory and disk use, I mean ALL of them, including one that merely happens to forward packets. I also have one dump for syslog messages, not server logs there and "firewall has to be looked at manually if you remember how". Ditto every clock set by NTP, every password network wide is taken care of by kerberos/ldap instead of locally configured... life is good, life is good. Relaxing and consistent and predictable. Not like a consumer router at all. Very convenient.
No, I don't think I'd use the word "convenient" to describe a consumer router at all.
(Score: 1, Informative) by Anonymous Coward on Wednesday October 08 2014, @08:04AM
libre Concurrent Machine Cluster : The libre Embedded GNU/Linux Distro. [librecmc.org]