Improvements and doubts in the AX6000
I am here once again asking for friendly help with questions about the modem indicated in the form.
I have previously contacted you using the protocol TP20230412020522.
Now, analyzing some things like network packets, I found the following questions, it seems that the modem is communicating with some sites automatically:
Where 'IP_MOLDEM' is the IP of the WAN interface.
Where 'DNS_MOLDEM' is the DNS configured for the WAN interface.
16:28:02.367399 IP (tos 0x0, ttl 64, id 16129, offset 0, flags [DF], proto UDP (17), length 64)
IP_MOLDEM.50614 > DNS_MOLDEM.domain: [udp sum ok] 32837+ A? a . root-servers . net. (36)
0x0000: 8e00 0000 8e8e b0a7 b900 40a1 0800 4500
0x0010: 0040 3f01 4000 4011 3fb7 c000 02ca 976a
0x0020: 61c0 c5b6 0035 002c 6a45 8045 0100 0001
0x0030: 0000 0000 0000 0161 0c72 6f6f 742d 7365
0x0040: 7276 6572 7303 6e65 7400 0001 0001
16:28:04.486705 IP (tos 0x0, ttl 64, id 16738, offset 0, flags [DF], proto UDP (17), length 75)
IP_MOLDEM.55049 > DNS_MOLDEM.domain: [udp sum ok] 35077+ A? n-deventry-gw . tplinkcloud . com. (47)
0x0000: 8e00 0000 8e8e b0a7 b900 40a1 0800 4500
0x0010: 004b 4162 4000 4011 3d4b c000 02ca 976a
0x0020: 61c0 d709 0035 0037 e020 8905 0100 0001
0x0030: 0000 0000 0000 0d6e 2d64 6576 656e 7472
0x0040: 792d 6777 0b74 706c 696e 6b63 6c6f 7564
0x0050: 0363 6f6d 0000 0100 01
16:28:05.381726 IP (tos 0x0, ttl 64, id 17457, offset 0, flags [DF], proto UDP (17), length 55)
IP_MOLDEM.47464 > DNS_MOLDEM.domain: [udp sum ok] 6658+ A? yahoo . com. (27)
0x0000: 8e00 0000 8e8e b0a7 b900 40a1 0800 4500
0x0010: 0037 4431 4000 4011 3a90 c000 02ca 976a
0x0020: 61c0 b968 0035 0023 23f1 1a02 0100 0001
0x0030: 0000 0000 0000 0579 6168 6f6f 0363 6f6d
0x0040: 0000 0100 01
16:40:34.272062 IP (tos 0x0, ttl 64, id 3872, offset 0, flags [DF], proto UDP (17), length 54)
IP_MOLDEM.34699 > DNS_MOLDEM.domain: [udp sum ok] 56310+ A? ebay . com. (26)
0x0000: 8e00 0000 8e8e b0a7 b900 40a1 0800 4500
0x0010: 0036 0f20 4000 4011 6fa2 c000 02ca 976a
0x0020: 61c0 878b 0035 0022 2ec1 dbf6 0100 0001
0x0030: 0000 0000 0000 0465 6261 7903 636f 6d00
0x0040: 0001 0001
I would really like you to create a patch to analyze the integrity of the firmware.
I did not access any sites like 'a . root-servers . net, n-deventry-gw . tplinkcloud . com, yahoo . com, ebay . com' apparently it is coming from the equipment itself.