# Frequent Connections On UDP Port



## pearjas (Apr 20, 2010)

Hi guys.. Normally, I don't pay too much attention to my firewall log, but I was taking a look at it today and I noticed that I'm getting constant connection attempts on UDP 17. I do routine scans with both Malwarebytes and Avira Antivirus, which I'm doing again right now and I can't imagine it being virus/spyware related. I'm thinking this has to be something normal, but I can't think of what it could be. For now, I'm blocking it and I haven't ran into any issues, however. 

It seems to start right as I launch Chrome and continues every few minutes off and on. Does anyone have any clues?? I'm attaching a screenshot of my firewall log. Hopefully the attachment is okay.


----------



## MitchConner (May 8, 2015)

That looks like LLMNR multicast (ff02) from your PC. No idea if you can disable it on your machine (not a windows guy unfortunately).


----------



## pearjas (Apr 20, 2010)

It only seems to come on when my router is on.. does that mean it's likely the LLMNR?


----------



## MitchConner (May 8, 2015)

I'd check your ipv6 link-local address against the one that is up there (fe80).


----------



## MitchConner (May 8, 2015)

MitchConner said:


> I'd check your ipv6 link-local address against the one that is up there (fe80).


ipconfig/all

I don't know how you're connecting so it'll be the link-local address under either your lan or wlan connection.


----------



## pearjas (Apr 20, 2010)

After doing IPconfig, that appears to be what it is. It's my IPV6 Link-Local address. So I'm assuming this means I should just allow it then and not disable it... lol. Surprisingly no harm has come from having the firewall block it.


----------



## MitchConner (May 8, 2015)

You likely have some sort of bonjour application running on your PC (itunes?) so I wouldn't bother disabling it. Your firewall should always block multicast traffic so I wouldn't worry about it


----------



## pearjas (Apr 20, 2010)

Thanks!


----------

