I managed to break Google’s Powermeter — again. But at least this time I know what I did.
I was reviewing my router firewall logs and was not too happy with all the active connections and unknown addresses that were talking to devices in my house. So after dumping them all into a spreadsheet and banging away at reverse DNS lookups I tightened my firewall rules. But that shouldn’t have dumped google… Turns out I also went with a more restrictive set of rules on NAT. If you’re using google power meter don’t select address and port restrictions. Here’s what the D-Link manual has to say on it:
NAT Endpoint Filtering The NAT Endpoint Filtering options control how the router’s NAT manages incoming connection requests to ports that are already being used.
- Endpoint Independent
- Once a LAN-side application has created a connection through a specific port, the NAT will forward any incoming connection requests with the same port to the LAN-side application regardless of their origin. This is the least restrictive option, giving the best connectivity and allowing some applications (P2P applications in particular) to behave almost as if they are directly connected to the Internet.
- Address Restricted
- The NAT forwards incoming connection requests to a LAN-side host only when they come from the same IP address with which a connection was established. This allows the remote application to send data back through a port different from the one used when the outgoing session was created.
- Port And Address Restricted
The NAT does not forward any incoming connection requests with the same port address as an already establish connection.
Address restriction works, but Port and Address breaks it.
Seems like Ted – Google integration is very fragile. I’ve dropped feed after a power outage and it’s down again. Seems like it takes a couple re-activation tries and a restart to get Ted talking again.