What are all these connections holding up my network?

networking

I have a ubuntu box running 14.04 , Over the past couple days I have been having network issues on all my devices. This ubuntu box is wired directly into router. After some common trouble shooting steps I found that when I disconnected my ubuntu box from my router all problems went away... weird right?

In my Router logs this is what is stated when the ubuntu box is plugged in

Oct 23 20:57:25 unknown user.warn kernel: nf_conntrack: table full, dropping packet.

Over and over and over again

I looked up that error and found that basically my router is being flooded with a crap ton of connections but I have no idea why I have not changed anything on my ubuntu box.

I ran a live session of Ubuntu and the problem does not rear its head when in the live session

I then installed Nethog which provided me with this.... I have NO IDEA what this means or what is happening or why its happening. The only web servers I run on my ubuntu box are nzbdrone and sabnzbd. Normally I would just reformat and be done with this but problem is I have a software raid 5 I am running with 10 TB of stuff I dont wanna lose.

enter image description here

( shows no PID just ?'s)

Someone please tell me how I can stop this it is crippling my network


Solution 1:

That looks like a load of outgoing connections to an Amazon CloudFront node.
CloudFront is Amazon's content delivery network product. It could be hosting anything.

So to answer your headline question: No, you aren't being ddossed. This isn't distributed and it's not an attack. Your computer is nuking your network by creating too many connections for your router.

To properly diagnose you would need to either:

  • Intercept the outgoing traffic with something like Wireshark.
  • Work out the application sending the requests.

But given that you're running two pretty substantial downloading applications, they would be my first obvious suspects. Shut them down and see if things improve.

In my limited experience with NZB, it might be that you just need to limit the number of connections they're making. Many will split files into dozens of chunks and the downloader will use multiple threads on each. If you tell the downloader to just do a couple of chunks at a time, you might see better performance.

Or get a better router.

Related

What does the form field »Enter Auth username« during the boot proccess mean?
Lock keys panel indicator for MATE Desktop
How to rip an audio CD into flac
What are the default settings for '/etc/hosts' and '/etc/hostname'?
Change directory to target of move operation
List only processes that are in suspended mode
How do I get the version number of a snap package?
.NET, event every minute (on the minute). Is a timer the best option?
SVG in img element proportions not respected in ie9
In R markdown in RStudio, how can I prevent the source code from running off a pdf page?
JAXB: How to change XJC-generated classes names when attr type is specified in XSD?
how do I implement role based access control in firebase