Next message: Alper SELCUK: "RE: [cisco-ttl] arp packets"
10.0.0.0 255.255.0.0 ile 10.1.0.0 255.255.0.0 networkleri modem ip leri için yani 130000 ip buna karşılık pc ipleri için 195.174.x.0 195.174.y.0 arasında 31 tane network ve yaklaşık 8000 ip ayarlanmış durumda.
arp isteği :pc ipleri için yollanıyor ve de kullanılan veya kullanılmayan ipler de sorgulanıyor .yani 195 ile başlayanlar , 10... olanlar değil bu fark edermi acaba düşünürken
cmts bu arp sorgulamasını yapmak zorunda mı ?
cmtsin bu sorgulamasını kısıtlıyamaz mıyız?
Ilker Temir <ilker_at_ilkertemir.com> wrote: Kablo networkleri uzmanlik alanimim disinda ancak burada dikkati ceken
onemli noktalar var. Interface uzerinde kullandiginiz IP networkleri cok
genis bir adres alanini kapsiyor (70 binin uzerinde).
Sorun buyuk ihtimalle bu network adresinde bulunan ama kullanilmayan
adreslerden kaynaklaniyor. Herhangi bir uc nokta 10'lu network'te bir
portscan yaptiginda dahi router bu adreslerin her biri icin ARP requesti
gondermek durumunda, ki tanimladiginiz soruna oldukca uyuyor. Daha uzun
ag maskeleri kullanarak (ozellikle 10.0.0.0/16 networku icin) iyilesme
saglayabilirsiniz saniyorum.
Bu arada brodcast bir interface'e yonelttiginiz bir statik route var mi?
Eger varsa (ozellikle kisa ag maskesine sahip), sorunun kaynaklarindan
biri olabilir.
Ilker
Gb74ist wrote:
>
> arp paketlerinin yollandığı interface configuration aşağıdaki şekildedir
>
> debug çıktılarını vermeye cesaret edmiyorum , ancak olanak olursa yollayacağım ,
>
>
>
>
>
>
>
> interface Cable3/0
>
> bandwidth 27000
>
> ip address 195.174.96.10 255.255.240.0 secondary
>
> ip address 195.174.112.10 255.255.252.0 secondary
>
> ip address 10.0.0.1 255.255.0.0
>
> ip helper-address 62.248.101.242
>
> load-interval 30
>
> cable tftp-enforce
>
> cable shared-secret 7 00344151166F11505C156717512110314B2C55307B197D036061
>
> cable max-hosts 10
>
> cable insertion-interval 500
>
> cable bundle 1 master
>
> cable downstream annex B
>
> cable downstream modulation 64qam
>
> cable downstream interleave-depth 32
>
> cable downstream frequency 537000000
>
> cable downstream channel-id 0
>
> cable upstream 0 description (Erenkoy)- FN:18+10+27+30+41
>
> cable upstream 0 frequency 37008000
>
> cable upstream 0 power-level 0
>
> cable upstream 0 channel-width 3200000
>
> cable upstream 0 minislot-size 2
>
> cable upstream 0 modulation-profile 1
>
> no cable upstream 0 rate-limit
>
> cable upstream 0 s160-atp-workaround
>
> no cable upstream 0 shutdown
>
> cable upstream 1 description (Erenkoy)- FN:05+07+15+22
>
> cable upstream 1 frequency 37008000
>
> cable upstream 1 power-level 0
>
> cable upstream 1 channel-width 3200000
>
> cable upstream 1 minislot-size 2
>
> cable upstream 1 modulation-profile 1
>
> no cable upstream 1 rate-limit
>
> cable upstream 1 s160-atp-workaround
>
> no cable upstream 1 shutdown
>
> cable upstream 2 description (Erenkoy)- FN:13+02+45+46
>
> cable upstream 2 frequency 42000000
>
> cable upstream 2 power-level 0
>
> cable upstream 2 channel-width 3200000
>
> cable upstream 2 minislot-size 2
>
> cable upstream 2 modulation-profile 1
>
> no cable upstream 2 rate-limit
>
> cable upstream 2 s160-atp-workaround
>
> no cable upstream 2 shutdown
>
> cable upstream 3 description (Soyak)- FN:01
>
> cable upstream 3 frequency 33008000
>
> cable upstream 3 power-level 0
>
> cable upstream 3 channel-width 3200000
>
> cable upstream 3 minislot-size 2
>
> cable upstream 3 modulation-profile 1
>
> no cable upstream 3 rate-limit
>
> cable upstream 3 s160-atp-workaround
>
> no cable upstream 3 shutdown
>
> cable upstream 4 frequency 33008000
>
> cable upstream 4 power-level 0
>
> cable upstream 4 channel-width 3200000
>
> cable upstream 4 minislot-size 2
>
> cable upstream 4 modulation-profile 1
>
> no cable upstream 4 rate-limit
>
> cable upstream 4 s160-atp-workaround
>
> no cable upstream 4 shutdown
>
> cable upstream 5 description (Kucukyali)- FN:01+02+03+04+05+06+07+Ultra
>
> cable upstream 5 frequency 33008000
>
> cable upstream 5 power-level 0
>
> cable upstream 5 channel-width 3200000
>
> cable upstream 5 minislot-size 2
>
> cable upstream 5 modulation-profile 1
>
> no cable upstream 5 rate-limit
>
> cable upstream 5 s160-atp-workaround
>
> no cable upstream 5 shutdown
>
> cable dhcp-giaddr policy
>
> no keepalive
>
> !
>
>
> ---------------------------------
> Do you Yahoo!?
> Send holiday email and support a worthy cause. Do good.
>
> [Non-text portions of this message have been removed]
>
>
>
> Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
>
> Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
> Yahoo! Groups Links
>
>
>
>
>
>
>
Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
Yahoo! Groups SponsorADVERTISEMENT
---------------------------------
Yahoo! Groups Links
To visit your group on the web, go to:
http://groups.yahoo.com/group/cisco-ttl/
To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe_at_yahoogroups.com
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
---------------------------------
Do you Yahoo!?
Send holiday email and support a worthy cause. Do good.
[Non-text portions of this message have been removed]
Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/cisco-ttl/
<*> To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe_at_yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.5
: Tue Jan 04 2005 - 19:20:43 GMT