Scanning routers

How do I run runZero without crashing my router?

If your router is crashing while being scanned, the most likely cause is that the router is stateful: it keeps track of every connection going through it. Since our scanning process involves thousands of attempted connections, the router has likely run out of available stateful sessions. This usually occurs when a router is using Network Address Translation (NAT) or is acting as a stateful security firewall.

If this happens, here’s what you can do:

  • Avoid scanning across routed networks (wired and WiFi, multiple VLANs, etc.) by deploying additional Explorers.
  • Reduce the Max group size in your scan configuration. This limits the number of targets runZero can scan at once, which correlates to the number of connections the router sees. The default is 4096.
  • Reduce the scan speed. This will give failed connections more time to expire before new ones are attempted.
  • If a router can run in bridge mode, and you don’t need its NAT features, bridge mode will likely be more reliable. For example, if you have an ISP-provided router connected to a WiFi mesh system, you will likely want to run the mesh system in bridge mode and let the ISP router handle all routing including NAT; you should then be able to scan across your WiFi network without crashing the base stations.
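
To see why a full session table and the scan speed are linked, the following added example (not runZero code) models a stateful router's session table and searches for the highest probe rate that still leaves room for normal traffic. The table size, timeouts, unanswered-probe share and function names are constructed assumptions for illustration; real values depend on your router.

```python
# Added illustration: a simplified model of a stateful router's session table.
# All numbers below are constructed assumptions, not vendor or runZero values.

def peak_state_entries(rate_pps, duration_s, unanswered_pct,
                       pending_timeout_s, closed_timeout_s):
    """Return the peak number of simultaneous state entries during a scan.

    Simulated in 1-second ticks. Every probe crossing the router creates one
    entry. Probes that get no reply linger for pending_timeout_s; probes that
    are answered (open or refused) are cleaned up after closed_timeout_s.
    """
    expiring = {}          # tick -> entries the router drops at that tick
    live = peak = 0
    unanswered = rate_pps * unanswered_pct // 100
    answered = rate_pps - unanswered
    for tick in range(duration_s):
        live -= expiring.pop(tick, 0)
        for count, ttl in ((unanswered, pending_timeout_s),
                           (answered, closed_timeout_s)):
            expiring[tick + ttl] = expiring.get(tick + ttl, 0) + count
        live += rate_pps
        peak = max(peak, live)
    return peak


def max_safe_rate(table_size, headroom_pct, ceiling_pps, **scan):
    """Binary-search the highest probe rate whose peak stays within the
    table size minus a headroom reserved for normal user traffic."""
    budget = table_size * (100 - headroom_pct) // 100
    lo, hi = 0, ceiling_pps
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if peak_state_entries(mid, **scan) <= budget:
            lo = mid
        else:
            hi = mid - 1
    return lo


if __name__ == "__main__":
    scan = dict(duration_s=120, unanswered_pct=90,
                pending_timeout_s=60, closed_timeout_s=10)
    for rate in (1000, 250):
        print(rate, "probes/s ->", peak_state_entries(rate, **scan), "entries")
    print("max safe rate:", max_safe_rate(16384, 25, 1000, **scan), "probes/s")
```

In this model the peak is driven almost entirely by unanswered probes waiting out their timeout, which is why slowing the scan lowers the load on the router more than shortening the scan does.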