Re: [cisco-ttl] arp packets

From: Ilker Temir (ilker_at_ilkertemir.com)
Date: Tue Jan 04 2005 - 11:58:47 GMT

  • Next message: Ilker Temir: "Re: [cisco-ttl] Access List : ardisik subnet"

    Kablo networkleri uzmanlik alanimim disinda ancak burada dikkati ceken
    onemli noktalar var. Interface uzerinde kullandiginiz IP networkleri cok
    genis bir adres alanini kapsiyor (70 binin uzerinde).

    Sorun buyuk ihtimalle bu network adresinde bulunan ama kullanilmayan
    adreslerden kaynaklaniyor. Herhangi bir uc nokta 10'lu network'te bir
    portscan yaptiginda dahi router bu adreslerin her biri icin ARP requesti
    gondermek durumunda, ki tanimladiginiz soruna oldukca uyuyor. Daha uzun
    ag maskeleri kullanarak (ozellikle 10.0.0.0/16 networku icin) iyilesme
    saglayabilirsiniz saniyorum.

    Bu arada brodcast bir interface'e yonelttiginiz bir statik route var mi?
    Eger varsa (ozellikle kisa ag maskesine sahip), sorunun kaynaklarindan
    biri olabilir.

    Ilker

    Gb74ist wrote:
    >
    > arp paketlerinin yollandığı interface configuration aşağıdaki şekildedir
    >
    > debug çıktılarını vermeye cesaret edmiyorum , ancak olanak olursa yollayacağım ,
    >
    >
    >
    >
    >
    >
    >
    > interface Cable3/0
    >
    > bandwidth 27000
    >
    > ip address 195.174.96.10 255.255.240.0 secondary
    >
    > ip address 195.174.112.10 255.255.252.0 secondary
    >
    > ip address 10.0.0.1 255.255.0.0
    >
    > ip helper-address 62.248.101.242
    >
    > load-interval 30
    >
    > cable tftp-enforce
    >
    > cable shared-secret 7 00344151166F11505C156717512110314B2C55307B197D036061
    >
    > cable max-hosts 10
    >
    > cable insertion-interval 500
    >
    > cable bundle 1 master
    >
    > cable downstream annex B
    >
    > cable downstream modulation 64qam
    >
    > cable downstream interleave-depth 32
    >
    > cable downstream frequency 537000000
    >
    > cable downstream channel-id 0
    >
    > cable upstream 0 description (Erenkoy)- FN:18+10+27+30+41
    >
    > cable upstream 0 frequency 37008000
    >
    > cable upstream 0 power-level 0
    >
    > cable upstream 0 channel-width 3200000
    >
    > cable upstream 0 minislot-size 2
    >
    > cable upstream 0 modulation-profile 1
    >
    > no cable upstream 0 rate-limit
    >
    > cable upstream 0 s160-atp-workaround
    >
    > no cable upstream 0 shutdown
    >
    > cable upstream 1 description (Erenkoy)- FN:05+07+15+22
    >
    > cable upstream 1 frequency 37008000
    >
    > cable upstream 1 power-level 0
    >
    > cable upstream 1 channel-width 3200000
    >
    > cable upstream 1 minislot-size 2
    >
    > cable upstream 1 modulation-profile 1
    >
    > no cable upstream 1 rate-limit
    >
    > cable upstream 1 s160-atp-workaround
    >
    > no cable upstream 1 shutdown
    >
    > cable upstream 2 description (Erenkoy)- FN:13+02+45+46
    >
    > cable upstream 2 frequency 42000000
    >
    > cable upstream 2 power-level 0
    >
    > cable upstream 2 channel-width 3200000
    >
    > cable upstream 2 minislot-size 2
    >
    > cable upstream 2 modulation-profile 1
    >
    > no cable upstream 2 rate-limit
    >
    > cable upstream 2 s160-atp-workaround
    >
    > no cable upstream 2 shutdown
    >
    > cable upstream 3 description (Soyak)- FN:01
    >
    > cable upstream 3 frequency 33008000
    >
    > cable upstream 3 power-level 0
    >
    > cable upstream 3 channel-width 3200000
    >
    > cable upstream 3 minislot-size 2
    >
    > cable upstream 3 modulation-profile 1
    >
    > no cable upstream 3 rate-limit
    >
    > cable upstream 3 s160-atp-workaround
    >
    > no cable upstream 3 shutdown
    >
    > cable upstream 4 frequency 33008000
    >
    > cable upstream 4 power-level 0
    >
    > cable upstream 4 channel-width 3200000
    >
    > cable upstream 4 minislot-size 2
    >
    > cable upstream 4 modulation-profile 1
    >
    > no cable upstream 4 rate-limit
    >
    > cable upstream 4 s160-atp-workaround
    >
    > no cable upstream 4 shutdown
    >
    > cable upstream 5 description (Kucukyali)- FN:01+02+03+04+05+06+07+Ultra
    >
    > cable upstream 5 frequency 33008000
    >
    > cable upstream 5 power-level 0
    >
    > cable upstream 5 channel-width 3200000
    >
    > cable upstream 5 minislot-size 2
    >
    > cable upstream 5 modulation-profile 1
    >
    > no cable upstream 5 rate-limit
    >
    > cable upstream 5 s160-atp-workaround
    >
    > no cable upstream 5 shutdown
    >
    > cable dhcp-giaddr policy
    >
    > no keepalive
    >
    > !
    >
    >
    > ---------------------------------
    > Do you Yahoo!?
    > Send holiday email and support a worthy cause. Do good.
    >
    > [Non-text portions of this message have been removed]
    >
    >
    >
    > Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
    >
    > Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    > Yahoo! Groups Links
    >
    >
    >
    >
    >
    >
    >

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    <*> To visit your group on the web, go to:
        http://groups.yahoo.com/group/cisco-ttl/

    <*> To unsubscribe from this group, send an email to:
        cisco-ttl-unsubscribe_at_yahoogroups.com

    <*> Your use of Yahoo! Groups is subject to:
        http://docs.yahoo.com/info/terms/
     



    This archive was generated by hypermail 2.1.5 : Tue Jan 04 2005 - 16:02:49 GMT