On Thu, Apr 12, 2001 at 05:02:05AM -0500, Donald R. Spoon wrote:
> I don't know if this applies to you or not, but our local "Road Runner"
> Cable service has packets in the 10.X.Y.Z address space all over the
> network. A friend noticed this after he used part of this space for his
> home LAN, and noticed some "strange" entries in his IPMasq logs. It
> turns out that the local RR has an "internal" network too...apparently
> for monitoring/control of their cable network. The only "real" problem
> was the numerous entries filling up his logs. The "fix" was to narrow
> his netmask from 255.0.0.0 to 255.255.255.0. This effectively blocked
> out all the local RR traffic from the logs. The "Deny" says your
> firewall/IPMasq setup is doing its job, I think. I wonder if your cable
> service is doing something similar??

This is reasonable speculation (I'm speaking as the past administrator
of a cable ISP's network). There's no good reason to waste "real" IP
addresses on the cable modems and monitoring/support servers when
RFC1918 addresses do the job. You should definitely change the netmask
on your rules to strictly match what you have set up on your interfaces.

--
Nathan Norman - Staff Engineer | A good plan today is better
Micromuse Ltd.                 | than a perfect plan tomorrow.
mailto:nnorman@micromuse.com   |   -- Patton
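A sketch of the check recommended above, added here as an example and not part of the original thread: it compares each firewall rule's source network against the network configured on the LAN interface and lists which observed source addresses a too-broad rule would treat as local. The LAN address 10.1.1.1/255.255.255.0, the observed addresses and the function names are assumptions constructed for illustration.

```python
import ipaddress

def audit_rules(interface_cidr, rule_sources):
    """Compare each rule's source network with the interface's network.

    Returns a list of (rule_source, verdict), where verdict is
    'match', 'too-broad' (rule covers more than the LAN) or 'mismatch'.
    """
    lan = ipaddress.ip_interface(interface_cidr).network
    findings = []
    for src in rule_sources:
        rule_net = ipaddress.ip_network(src, strict=False)
        if rule_net == lan:
            verdict = "match"
        elif rule_net.version == lan.version and rule_net.supernet_of(lan):
            verdict = "too-broad"
        else:
            verdict = "mismatch"
        findings.append((src, verdict))
    return findings

def stray_sources(interface_cidr, rule_source, observed):
    """Addresses that the rule accepts as 'internal' but that are not on the LAN."""
    lan = ipaddress.ip_interface(interface_cidr).network
    rule_net = ipaddress.ip_network(rule_source, strict=False)
    strays = []
    for addr in observed:
        ip = ipaddress.ip_address(addr)
        if ip in rule_net and ip not in lan:
            strays.append(addr)
    return strays

# Constructed sample data: a home LAN inside 10/8 and source addresses
# as they might appear in masquerading logs (not taken from the thread).
LAN_IF = "10.1.1.1/255.255.255.0"
RULES = ["10.0.0.0/255.0.0.0", "10.1.1.0/255.255.255.0", "192.168.0.0/24"]
SEEN = ["10.1.1.20", "10.34.7.9", "10.200.0.1", "24.1.2.3"]

if __name__ == "__main__":
    for src, verdict in audit_rules(LAN_IF, RULES):
        print(f"{src:28} {verdict}")
    print("matched by 10/8 rule but off-LAN:",
          stray_sources(LAN_IF, "10.0.0.0/255.0.0.0", SEEN))
```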