Mesh router software bug

I was trying to troube shoot an issue with spectrum and I logged into my root router. I have four mesh routers. The first time you view the status tab, the page will be populated with stale data and indict that the router is not connected to the internet. The user will need to refresh the page a view times before its populated with current data.

If wyze is reading this forum, a few enhancements would be nice:

  1. a tab that shows you everything on the mesh network
  2. a port blocking feature
  3. a utility that allows the router to probe the ISP to see what ports the ISP is blocking.

That last one is impossible from the client end. To determine what ports the ISP is blocking, you need to probe each port FROM the Internet, and determine which ports actually make it to your Internet connection. Can’t be done from your end.
Essentially the process would be some device on the internet will probe port 1, and your router would need to determine if the probe arrived. Repeat for all 64K ports. There are online port scanners that will look for open ports on your network, but they can not tell if your ISP is blocking a port or you simply have no device that will respond on that port. Obviously if you do have something that will respond on a particular port, and your ISP is not blocking it, the port scanner will be able to see it and may be able to give some information about what is there. If your router or your ISP is responding on a port with a reject, the port scanner can see that as well.

Why cant we put a little software in the router that talks to a little software in a wyze server and reports the results to me?

As I said, the probes must be done from the Internet. Wyze could in theory add a service to do that, and then add software into their routers to specifically co-ordinate with their servers running that service.
What would need to happen is the router and server establish a connection for the service. Then the server would tell your router “I’m going to probe port 1 - let me know when you receive it”. If the router sees the probe on port 1, it reports that fact back to the server running the service. Repeat for all 64K ports. Yes, that can be done partially concurrently. Once all ports are probed, the server would then send a report either back to the router, or more likely to your account E-Mail address.

Thanks James, so it can be done. I think it would be a very useful feature. I have been arguing with spectrum for days that they block ports. The tech support guys were adamant that they didn’t block any ports on their network. I have an ooma device that needs port 53 and 127 and the ooma device has such a feature to probe ports. This device needs ports that sectrum is blocking. When I told the support guys they were wrong and I can send them the data to show them, they back pedalled and said well those ports are blocked for security. what is it? you pass all ports or block some? It’s annoying to talk to people who are often wrong but never in doubt. You cant argue with data, ya know?

Outbound or inbound? Outbound, they should not be blocking anything (except maybe 25). As far as I can tell, Spectrum is not blocking anything on my service. Although I ran my own mail server for many years, I have never tried to use it on my Spectrum service because I can only get a DHCP address from spectrum and most major mail systems block port 25 traffic they receive from known DHCP IP blocks.
Port 53 is DNS, and although some ISPs redirect DNS requests to their own DNS server, the functionality should still work.
Normally consumer devices such as your Ooma do not require anything special since they are expected to be behind non-techie consumer devices. So they do all establishment as outbound data so no configuration is required in the end user’s router. Some devices will require setting up a port forward, but most do not.

Here is the data I get from my test:
TCP 53 Denied
TCP 443 Denied
UDP 53 Denied
UDP 123 Denied
UDP 514 Denied
UDP 1194 Denied
UDP 3386 Denied
UDP 3480 Denied
UDP 10000 Denied
UDP 10500 Denied
UDP 11000 Denied
UDP 11500 Denied
UDP 12000 Denied
UDP 12500 Denied
UDP 13000 Denied
UDP 13500 Denied
UDP 14000 Denied
UDP 14500 Denied
5/6/23, 9:18 AM Ooma Telo Setup 2/2
Port No Status
UDP 15000 Denied
UDP 15500 Denied
UDP 16000 Denied
UDP 16500 Denied
UDP 17000 Denied
UDP 17500 Denied
UDP 18000 Denied
UDP 18500 Denied
UDP 19000 Denied
UDP 19500 Denied
UDP 20000 Denied

It doesnt say whether its in bound or outbound.

when I ran this test, I hooked the device directly up to the fiber modem, with no router at all.

anyhow, we are getting off topic

How are you doing that test? can I assume that you are using one of the online port scanner tests?

Try this:

Open Port Check Tool

If ya froggy, unplug your router, and plug your laptop directly into your cable modem. There’s all sorts of suites of those type utilities floating around out there. But make sure you have sanitized that laptop’s drive from all your personal data, because it certainly at risk without some “stuff” between it and the ocean of people out there snooping.

Think about how important finding those blocked ports are to you before you do, though.

I would not leave even my name or town anywhere in the OS. While its not likely to happen in the time you are exposed, there many clowns hosted by some bad actors/countries that are laying in wait for the clumsy or vulnerable.

Now, having said all that. Why would Wyze want to “put a little software in the router” for the few that think they need it? What’s in it for them, that’s worth the risk of the ways it could be abused or backfire on them?"

What Wyze does read is the #wishlist topic that lists all the improvements requested for the Wyze Mesh Router and Wyze Mesh Router Pro.

Follow the link, Vote at the top, like :heart: some posts, and add your own request if it hasn’t already been requested.

It won’t help with the apparent bug that shows stale data in the app, but there are a lot of great ideas there and a lot of room for UI improvement and Advanced Features.