OGN (range) flooded from PWCV32QG & PWWestBfd?

[Kevin W]

Hi All

I run an OGN Range service, and it appears to be being flooded by PAW stations, and more specifically by  PWCV32QG & PWWestBfd:

Code: [Select]

[root@ognrange kevin]# ncat localhost 50000 | grep "\->" | awk -F \> '{print $2}' | head -n 1000 | sort | uniq -c
      2 AIRS03
      1 FLRDDBCB5
     38 PAW3E7B05
      1 PAW402956
     13 PAW402ECC
     10 PAW404A8B
     22 PAW404DE6
     99 PAW4050B7
     16 PAW40540D
     41 PAW405D94
     21 PAW405FB1
    368 PWCV32QG
    368 PWWestBfd
I am not familiar enough with the APRS network that OGN use for passing information around - but at least the PWCV32QG & PWWestBfd lines look very out of place?

Code: [Select]

->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 7163 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware
::             PWCV32QG: ppm -99.0/-99.0 db [PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware ]
PWCV32QG: LOWCPU & noppm (flagged 7175 times)PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 7164 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>103100h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware
::             PWCV32QG: ppm -99.0/-99.0 db [PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware ]
PWCV32QG: LOWCPU & noppm (flagged 7176 times)PWCV32QG>APRS,TCPIP*,qAC,GLIDERN1:>103100h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

[Seanhump]

PWWestBfd is currently sat next me, and appears to be running as per normal from what I can see …

Are you saying it's picking up too much traffic .? (I'm not far from EMA .....)

[Admin]

I saw this recently, but I am looking now and I am not seeing anything from CV3
How old is your data Kevin ?

was this 10:31 this morning ?

The offending IP Addresses I am seeing are :-

PWCV32QG 94.7.142.64
PWCV32QG 5.80.179.158
PWCV32QG 81.159.47.87

I think there may also be a bug due to disconnects, this needs investigating.

**EDIT** Kevin how old is your data PWWestBfd has been down since Monday
133 PWWestBfd  v20190511 Mon May 13 05:53:16 BST 2019 DOWN + 214865

Thx
Lee

[Kevin W]

Hi All

That data was live from this morning, I ran the command several times and got the same sort of results every time.  All of the 'spam' messages were station Beacons, not aircraft position reports unfortunately.

Running it this evening I seem to be getting a few other stations 'spamming':

Code: [Select]

[root@ognrange kevin]# ncat localhost 50000 | grep "\->" | awk -F \> '{print $2}' | head -n 1000 | sort | uniq -c
      2 OGN1A5A06
    249 PWCV32QG
    251 PWEDXD
    249 PWWestBfd
    247 PWWilmcot
      2 UKBDY
.

All again are Beacons, rather than position reports:

Code: [Select]

->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 128200 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWWilmcot>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWWilmcot>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware
::            PWWilmcot: ppm -99.0/-99.0 db [PWWilmcot>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware]
PWWilmcot: LOWCPU & noppm (flagged 45319 times)PWWilmcot>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware
::               PWEDXD: ppm -99.0/-99.0 db [PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware   ]
PWEDXD: LOWCPU & noppm (flagged 80832 times)PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware
::               PWEDXD: ppm -99.0/-99.0 db [PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware   ]
PWEDXD: LOWCPU & noppm (flagged 80833 times)PWEDXD>APRS,TCPIP*,qAC,GLIDERN4:>204618h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWBroadmd>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWBroadmd>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware
::            PWBroadmd: ppm -99.0/-99.0 db [PWBroadmd>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware]
PWBroadmd: LOWCPU & noppm (flagged 1117 times)PWBroadmd>APRS,TCPIP*,qAC,GLIDERN1:>204618h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware<-
--------------------------------------------------------
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 128201 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>204618h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

Let me run it again over a longer time period and report back.

Cheers
Kev

[Admin]

Hi Kevin

I think I need to understand the capture window you are looking at
This message should be 2 in 5 mins

Thx
Lee

[Kevin W]

So, looking a 1 min of data, I see the following station identifiers sending this amount of data:

Code: [Select]

(many more stations removed from here, including PW ones)
      3 UKBDY
      3 UKBSN
      3 UKCLK
      3 ukinv
      3 UKPAR
      3 UKPOC
      3 UKRIN
      3 UKTEW
      3 UPTON
      3 Vansbro
      3 VHAVA
      3 Walbeck
      3 WBUXTON
      3 WBUXTON2
      3 Weelde
      3 Wellingtn
      3 WELZ
      3 Wemding5
      3 Witten
      3 YBSS
      3 YLAB
      3 YSCN
      3 YSTW2
      3 ZENAIR
      3 ZHAWisc
      8 Moosburg
   1728 PWWestBfd
   1731 PWEDXD
   1731 PWWilmcot
   1734 PWCV32QG

The data I see from stations mentioned 3 or so times looks like this:

Code: [Select]

location beacon PWSwaffha>APRS,TCPIP*,qAC,GLIDERN4:/204943h5240.17NI00043.86E&/A=000262
details beacon PWSwaffha>APRS,TCPIP*,qAC,GLIDERN4:>205434h v20180119 OGN-R/PilotAware
::            PWSwaffha: ppm -99.0/-99.0 db [PWSwaffha>APRS,TCPIP*,qAC,GLIDERN4:>205434h v20180119 OGN-R/PilotAware]
PWSwaffha: LOWCPU & noppm (flagged 64 times)PWSwaffha>APRS,TCPIP*,qAC,GLIDERN4:>205434h v20180119 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

or this:

Code: [Select]

[root@ognrange kevin]# cat /tmp/t | grep ZHAWisc
location beacon ZHAWisc>APRS,TCPIP*,qAC,GLIDERN3:/205411h4729.81NI00843.76E&/A=001440
details beacon ZHAWisc>APRS,TCPIP*,qAC,GLIDERN3:>205411h v0.2.6.ARM CPU:0.2 RAM:340.0/972.2MB NTP:0.0ms/+0.8ppm +58.5C 0/0Acfts[1h] RF:+34-1.2ppm/+16.16dB/-0.8dB@10km[273]/-0.2dB@10km[2/4]
::              ZHAWisc: ppm -1.2/16.2 db [ZHAWisc>APRS,TCPIP*,qAC,GLIDERN3:>205411h v0.2.6.ARM CPU:0.2 RAM:340.0/972.2MB NTP:0.0ms/+0.8ppm +58.5C 0/0Acfts[1h] RF:+34-1.2ppm

from one of the 'spaming' stations looks like this:

Code: [Select]

->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware<-
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 133447 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db
->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware<-
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 133448 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db
->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware<-
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 133449 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db
->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware<-
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 133450 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db
->PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware<-
details beacon PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware
::            PWWestBfd: ppm -99.0/-99.0 db [PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware]
PWWestBfd: LOWCPU & noppm (flagged 133451 times)PWWestBfd>APRS,TCPIP*,qAC,GLIDERN2:>205506h v20190511 OGN-R/PilotAware>>cpu 0 0 ppm, 0 db

and on 10 mins worth of data:

Code: [Select]

      6 ZENAIR
      6 ZHAWisc
      6 ZrhKip
      6 ZrhUzh
      8 LZPT
      9 AUBR1
      9 AUBR2
      9 CNC4A
      9 CNC4B
      9 CNZ8A
      9 CNZ8B
      9 CYFD1
      9 CYFD2
      9 CYKF1
      9 CYKF2
      9 CZBA1
      9 CZBA2
      9 LFOD
      9 LKKO
      9 PENALLY
      9 YTOC
     10 KalkarESP
     10 Rocco
     14 ETSR
     16 Motala
     22 LOIH
     32 AIRS03
     64 Moosburg
  17301 PWWilmcot
  17319 PWWestBfd
  17322 PWEDXD
  17352 PWCV32QG

Hope that helps.

[Kevin W]

The first and second post was just based on the time it took to get 1,000 lines out of the fetchrange3.pl script.

The most recent post was based on 1 min, and then 10 mins worth of data.

For all of them, the script prints out more than 1 line for some APRS lines it receives - so I wouldn't be surprised to see 1 APRS Beacon showing up as up to 3 counts in the uniq -c output - but clearly those 4 are showing up many hundreds of times more.

I will send you my number, get in touch if access to the box helps.

Cheers
Kev

Hi Kevin

I think I need to understand the capture window you are looking at
This message should be 2 in 5 mins

Thx
Lee

[Admin]

Hi Kevin

OK, this is weird, I have a Client written in C, and I run it and pipe the output to grep PWCV3, I am seeing nothing
I have another process that runs to see when this was last observed and it was here

19 PWCV32QG   v20190511 Tue May 14 06:32:28 BST 2019 DOWN + 143932

I have seen nothing since 06:32 this morning

But I AM seeing a constant stream from PWEDXD

I need to investigate what could cause this to loop

Thx
Lee

[Kevin W]

I wonder if the difference is to do with which servers are you connecting to?  Fetchrange connects to:

my @servers = ( 'glidern1.glidernet.org:10153',
                'glidern2.glidernet.org:10153',
                'glidern3.glidernet.org:10153',
                'glidern4.glidernet.org:10153',
                'aprs.glidernet.org:10152' );

Cheers
Kev

[Kevin W]

Looking a lot better this morning with Version 20190515.  A 1 min sample:

Code: [Select]

(lots removed from here)
      3 YSTW5
      3 YSTW6
      3 YSTW9
      3 ZAottos
      3 ZrhUzh
      5 AIRS03
      6 Moosburg
      8 LFGB
    120 PWWestBfd

Cheers
Kev

[Admin]

Yes there is still an issue with PWWestBfd

Sean if you can log onto your OGN-R and run the following command

$ nc localhost 50002

This may give me a clue, if there is too much text, possibly

$ nc localhost 50002 | grep "INTF-OGN"


Thx
Lee

[Admin]

Hi Kevin

How is it looking now, I have put in a lot of debug monitors.
I think the issue was that the OGN Client was not connecting to the server, causing the PAW Client to keep connecting.

I am unsure why the OGN Client was failing to connect, I dont have good remote logging for this process

Thx
Lee

[Kevin W]

Hi Lee

Perfect.  In 1 min:

Code: [Select]

(lots removed)
      3 Twing
      3 Uedem
      3 UKBIC
      3 UKBSN
      3 UKCRI
      3 UKEAS
      3 UKFES
      3 UKGRL2
      3 ukinv
      3 UKMAM
      3 UKOAK
      3 UKPAR
      3 UKPOC
      3 UKPRK
      3 UKSHS
      3 UKTEW
      3 UPTON
      3 Walbeck
      3 WBUXTON
      3 WBUXTON2
      3 Wellingtn
      3 Windach
      3 YARA
      3 YMCF
      3 YSCN
      3 YTEM
      8 AIRS03
      8 Moosburg

Filtering for PW:

Code: [Select]

      3 PWBkpark
      3 PWBooker
      3 PWCalneW
      3 PWCambrid
      3 PWChelt
      3 PWCPNmob
      3 PWCV32QG
      3 PWETNG
      3 PWGROVEFM
      3 PWLydeway
      3 PWMiltnKy
      3 PWMorecam
      3 PWRhiwFaw
      3 PWSwaffha
      3 PWUKBIC
      3 PWUKGRL
      3 PWUKLSW
      3 PWUKPOC
      3 PWUKPRK
      3 PWWestBfd

Cheers
Kev

[Admin]

For everyone interested, I think I know why this has been happening, and it is related to this which I posted on glidernet
https://groups.google.com/d/msg/openglidernetwork/WSx-KUqBicE/wPklFfeOAQAJ

I am now reporting back to the central server when this happens, and I am seeing these stations fail
PWChelt,1558175092,38,EVENT,OGN-RF,DEMOD,FAIL
PWRhiwFaw,1558175092,37,EVENT,OGN-RF,DEMOD,FAIL
PWCalneW,1558175096,38,EVENT,OGN-RF,DEMOD,FAIL
PWBooker,1558175100,38,EVENT,OGN-RF,DEMOD,FAIL
PWCV32QG,1558175101,40,EVENT,OGN-RF,DEMOD,FAIL
PWBkpark,1558175107,38,EVENT,OGN-RF,DEMOD,FAIL
PWWestBfd,1558175108,49,EVENT,OGN-RF,DEMOD,FAIL

A reboot should fix this, and I am considering putting an automatic reboot in when this occurs, but I am a little reluctant to do that without resolving what the issue is.

Thx
Lee

[Ian Melville]

That's going deep into the workings of OGN.

I not there has been no rush to reply