Re: [cisco-ttl] arp packets

From: Gb74ist (gurcan_basural_at_yahoo.com)
Date: Tue Jan 04 2005 - 13:26:10 GMT

  • Next message: Alper SELCUK: "RE: [cisco-ttl] arp packets"

    10.0.0.0 255.255.0.0 ile 10.1.0.0 255.255.0.0 networkleri modem ip leri için yani 130000 ip buna karşılık pc ipleri için 195.174.x.0 195.174.y.0 arasında 31 tane network ve yaklaşık 8000 ip ayarlanmış durumda.

    arp isteği :pc ipleri için yollanıyor ve de kullanılan veya kullanılmayan ipler de sorgulanıyor .yani 195 ile başlayanlar , 10... olanlar değil bu fark edermi acaba düşünürken

    cmts bu arp sorgulamasını yapmak zorunda mı ?

    cmtsin bu sorgulamasını kısıtlıyamaz mıyız?

     

    Ilker Temir <ilker_at_ilkertemir.com> wrote: Kablo networkleri uzmanlik alanimim disinda ancak burada dikkati ceken
    onemli noktalar var. Interface uzerinde kullandiginiz IP networkleri cok
    genis bir adres alanini kapsiyor (70 binin uzerinde).

    Sorun buyuk ihtimalle bu network adresinde bulunan ama kullanilmayan
    adreslerden kaynaklaniyor. Herhangi bir uc nokta 10'lu network'te bir
    portscan yaptiginda dahi router bu adreslerin her biri icin ARP requesti
    gondermek durumunda, ki tanimladiginiz soruna oldukca uyuyor. Daha uzun
    ag maskeleri kullanarak (ozellikle 10.0.0.0/16 networku icin) iyilesme
    saglayabilirsiniz saniyorum.

    Bu arada brodcast bir interface'e yonelttiginiz bir statik route var mi?
    Eger varsa (ozellikle kisa ag maskesine sahip), sorunun kaynaklarindan
    biri olabilir.

    Ilker

    Gb74ist wrote:
    >
    > arp paketlerinin yollandığı interface configuration aşağıdaki şekildedir
    >
    > debug çıktılarını vermeye cesaret edmiyorum , ancak olanak olursa yollayacağım ,
    >
    >
    >
    >
    >
    >
    >
    > interface Cable3/0
    >
    > bandwidth 27000
    >
    > ip address 195.174.96.10 255.255.240.0 secondary
    >
    > ip address 195.174.112.10 255.255.252.0 secondary
    >
    > ip address 10.0.0.1 255.255.0.0
    >
    > ip helper-address 62.248.101.242
    >
    > load-interval 30
    >
    > cable tftp-enforce
    >
    > cable shared-secret 7 00344151166F11505C156717512110314B2C55307B197D036061
    >
    > cable max-hosts 10
    >
    > cable insertion-interval 500
    >
    > cable bundle 1 master
    >
    > cable downstream annex B
    >
    > cable downstream modulation 64qam
    >
    > cable downstream interleave-depth 32
    >
    > cable downstream frequency 537000000
    >
    > cable downstream channel-id 0
    >
    > cable upstream 0 description (Erenkoy)- FN:18+10+27+30+41
    >
    > cable upstream 0 frequency 37008000
    >
    > cable upstream 0 power-level 0
    >
    > cable upstream 0 channel-width 3200000
    >
    > cable upstream 0 minislot-size 2
    >
    > cable upstream 0 modulation-profile 1
    >
    > no cable upstream 0 rate-limit
    >
    > cable upstream 0 s160-atp-workaround
    >
    > no cable upstream 0 shutdown
    >
    > cable upstream 1 description (Erenkoy)- FN:05+07+15+22
    >
    > cable upstream 1 frequency 37008000
    >
    > cable upstream 1 power-level 0
    >
    > cable upstream 1 channel-width 3200000
    >
    > cable upstream 1 minislot-size 2
    >
    > cable upstream 1 modulation-profile 1
    >
    > no cable upstream 1 rate-limit
    >
    > cable upstream 1 s160-atp-workaround
    >
    > no cable upstream 1 shutdown
    >
    > cable upstream 2 description (Erenkoy)- FN:13+02+45+46
    >
    > cable upstream 2 frequency 42000000
    >
    > cable upstream 2 power-level 0
    >
    > cable upstream 2 channel-width 3200000
    >
    > cable upstream 2 minislot-size 2
    >
    > cable upstream 2 modulation-profile 1
    >
    > no cable upstream 2 rate-limit
    >
    > cable upstream 2 s160-atp-workaround
    >
    > no cable upstream 2 shutdown
    >
    > cable upstream 3 description (Soyak)- FN:01
    >
    > cable upstream 3 frequency 33008000
    >
    > cable upstream 3 power-level 0
    >
    > cable upstream 3 channel-width 3200000
    >
    > cable upstream 3 minislot-size 2
    >
    > cable upstream 3 modulation-profile 1
    >
    > no cable upstream 3 rate-limit
    >
    > cable upstream 3 s160-atp-workaround
    >
    > no cable upstream 3 shutdown
    >
    > cable upstream 4 frequency 33008000
    >
    > cable upstream 4 power-level 0
    >
    > cable upstream 4 channel-width 3200000
    >
    > cable upstream 4 minislot-size 2
    >
    > cable upstream 4 modulation-profile 1
    >
    > no cable upstream 4 rate-limit
    >
    > cable upstream 4 s160-atp-workaround
    >
    > no cable upstream 4 shutdown
    >
    > cable upstream 5 description (Kucukyali)- FN:01+02+03+04+05+06+07+Ultra
    >
    > cable upstream 5 frequency 33008000
    >
    > cable upstream 5 power-level 0
    >
    > cable upstream 5 channel-width 3200000
    >
    > cable upstream 5 minislot-size 2
    >
    > cable upstream 5 modulation-profile 1
    >
    > no cable upstream 5 rate-limit
    >
    > cable upstream 5 s160-atp-workaround
    >
    > no cable upstream 5 shutdown
    >
    > cable dhcp-giaddr policy
    >
    > no keepalive
    >
    > !
    >
    >
    > ---------------------------------
    > Do you Yahoo!?
    > Send holiday email and support a worthy cause. Do good.
    >
    > [Non-text portions of this message have been removed]
    >
    >
    >
    > Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
    >
    > Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    > Yahoo! Groups Links
    >
    >
    >
    >
    >
    >
    >

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Yahoo! Groups SponsorADVERTISEMENT

    ---------------------------------
    Yahoo! Groups Links

       To visit your group on the web, go to:
    http://groups.yahoo.com/group/cisco-ttl/
      
       To unsubscribe from this group, send an email to:
    cisco-ttl-unsubscribe_at_yahoogroups.com
      
       Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

                    
    ---------------------------------
    Do you Yahoo!?
     Send holiday email and support a worthy cause. Do good.

    [Non-text portions of this message have been removed]

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    <*> To visit your group on the web, go to:
        http://groups.yahoo.com/group/cisco-ttl/

    <*> To unsubscribe from this group, send an email to:
        cisco-ttl-unsubscribe_at_yahoogroups.com

    <*> Your use of Yahoo! Groups is subject to:
        http://docs.yahoo.com/info/terms/
     



    This archive was generated by hypermail 2.1.5 : Tue Jan 04 2005 - 19:20:43 GMT