Thought I had posted the original post on the Dish community forum.
Will try again; at least most of the pertinent part. From here:
hopper3 filling my router log - mydish communities - 26391
Again, my apologies for a loooong post from a newbie here.
Just had a hopper 3 and two wireless joeys. Hopper connected to my Juniper router, Dish router connected to hopper. Both ethernet wire.
Dish tech support tell me it is a Comcast issue since they are my internet router. I told them BS. Get the Dish programmers to look at it.
Several strange things occurring on my network. It is rapid enough that I cannot find any other type of messages in my router logs.
Not happy with this way it works. As a ex-network programmer, disturbing...
1. All devices show up on my home network. I was originally told the Dish router created a unique network; so I sort of pictured this: my net 192.168.1.0, with dynamic dhcp at 192.168.1.100-120. hopper would get a e.g. 192.168.1.100-120 address and their router would create something like 192.168.10.a. The hopper would then get a 192.168.10.b and the two joeys would get a 192.168.10.c and d.
Instead they all get addresses in the 192.168.1.100-120 range, but strangely my Juniper router does not issue the addresses and the dish devices do NOT show up in Juniper routers dhcp report.
2. I see continuous messages in my router log like this:
2019-08-17 17:57:02 info DHCP server on interface bgroup0 received DHCPDISCOVER from 88b6ee2f5141 requesting out-of-scope IP address 192.168.1.120/0.0.0.0.
2019-08-17 17:56:57 info DHCP server on interface bgroup0 received DHCPDISCOVER from 88b6ee2f44f6 requesting out-of-scope IP address 192.168.1.119/0.0.0.0.
2019-08-17 17:56:25 info DHCP server on interface bgroup0 received DHCPDISCOVER from 88b6ee2f5141 requesting out-of-scope IP address 192.168.1.120/0.0.0.0.
2019-08-17 17:56:20 info DHCP server on interface bgroup0 received DHCPDISCOVER from 88b6ee2f44f6 requesting out-of-scope IP address 192.168.1.119/0.0.0.0.
Over and over
Also continuous pings like this (note as critical by my router):
2019-08-17 18:00:41 crit ICMP ping id=0! From 192.168.1.120 to 172.217.8.100, proto 1 (zone Trust, int bgroup0). Occurred 1 times.
2019-08-17 18:00:38 crit ICMP ping id=0! From 192.168.1.120 to 172.217.8.100, proto 1 (zone Trust, int bgroup0). Occurred 1 times.
2019-08-17 18:00:36 crit ICMP ping id=0! From 192.168.1.119 to 172.217.3.132, proto 1 (zone Trust, int bgroup0). Occurred 1 times.
2019-08-17 18:00:33 crit ICMP ping id=0! From 192.168.1.119 to 172.217.3.132, proto 1 (zone Trust, int bgroup0). Occurred 1 times.
Reply from other user:
The Wireless Joeys never enter your home network. They will be clients of the Hopper, and all internet traffic will process through the Hopper. For the Joey location, it is through the WAP that Dish supplies as well. It creates a secure 5ghz network that is specific to that Hopper.
My continued posts:
And that is what I was told and how I thought it would work.
The real oddities are these:
1. why the continous DHCPDISCOVER to my router? I believe it is the 2 Joeys issuing them.
2. why the continuous icmp pings, which are (as I recall) normally used to report errors and diagnostics. My router is marking it as critical. Surely not being used for some sort of "keepalive"
3. How are the dish devices getting their IP addresses from my router. My dynamic range is 100-130. The hopper gets the 100 and then (I guess) must get some more and then release them. My router then knows nothing about them and could conceivably re-allocate them to another subsequent request.
4. I can see these devices from my systems and do a port scan; they all have at least port 80 open, hopper has others as do the remote joeys. Why open ports? Who can use them? If Dish has a secret way, this is big security risk.
5. If a truly private network involving hopper, joey-ap, 2 joey's, should be no traffic thru my router. Only hopper should enter my net, maybe the joey-ap; depending on how implemented.
There's some weird stuff going on.
BTW, home router is a Juniper Netscreen SSG5.
Will try a phone call to Dish Monday - maybe get thru to a competent person.
Oh yeah.... there are 3 external IP addresses visible from my home networked pc's:
169.254.79.161
169.254.163.229
169.254.122.26
Cannot ping from my PC, only see via arp.
Can ping from my router, but cannot see via arp.
Trace-route from router does not fully resolve after spitting out 4 intermediate external addresses.
I need to know what this dish stuff is doing - lot of concern over security and performance implications.
Called dish support today. They didn't quite understand why the DHCPDISCOVER and pings. Did say that the pings should only occur between 12 and 4AM (or something like that), not all day long. A puzzle.
To get rid of them, they had me turn off "bridging" in the internet settings, which I did; and now the bad behavior has stopped. Down side, from reading about the "bridging" option is that I cannot do on-demand, netflix, etc from the wireless Joeys. Support didn't inform me of that when telling me to turn it off.
I believe, if this restriction continues, that I will request the wireless Joey's be replaced with coax versions.
That should be so much fun.
