udp multicast packet leakage out to wrong network

From: Alan Williamson (alan_at_blog-city.com)
Date: 09/26/05

  • Next message: Bernd Schubert: "Re: NIS problems" 
    Date: 26 Sep 2005 11:02:37 -0700

    i am pulling my hair out with this one. here is the problem.

    I have dell blade setup; each blade has 2 network cards in it. We have
    configured it such that [eth0=world] [eth1=internal/192.168.0.xxx].
    One of the blades is configured to have both network cards active at
    the same time.

    Now here is the rub.

    There is lots of internal traffic flowing around

      192.168.0.a -> 192.168.0.b
      192.168.0.b -> 192.168.0.c

    With no problems whatsoever. This traffic is kept within the network
    with no packets 'leaking' out onto the [world] network.

    However, we have mod_backhand installed on the internal machines,
    pulsing out a small multicast UDP packet on 192.168.0.255 every 1
    second. All multicast packets are leaking out onto the [world]
    network, with the MAC address of those packets originating from the
    actual internal machine.

    The internal machines cannot ping/access any machines on the outside
    world, so i can only conclude that the machine i have setup that has
    both network cards in it, is some how rebroadcasting the UDP Multicast
    packet out onto the [world] network.

    Where should I be looking? The route table for the gateway machine is:

    -------------------------
    # route
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
    81.a.b.0 * 255.255.255.0 U 0 0 0 eth0
    169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
    127.0.0.0 * 255.0.0.0 U 0 0 0 lo
    default 81.a.b.c 0.0.0.0 UG 0 0 0 eth0
    -------------------------

    How can i say that for 192.168.0.x traffic there is no gateway; it
    should remain within the network? Or am i barking up the wrong tree
    here?

    I appreciate any light anyone could shed on this.

    thanks

    alan

  • Next message: Bernd Schubert: "Re: NIS problems"

    Relevant Pages

    • Re: debugging routing problem
      ... The setup is that I have a linux box as the firewall/router ... I just added a wireless router/hub onto the internal network. ... internal machines sending out requests, ... I'd suspect that your wireless router has somehow munged the routing ...
      (comp.os.linux.networking)
    • RE: Strange network activity
      ... > Subject: Strange network activity ... > querying internal machines for the RPC vulnerability. ... any bells in your heads that there just *might* be a wee bit of a problem on ...
      (Incidents)
    • Re: NAT port mapping problem..
      ... I hope that the internal machines work like a machine in ... the internal machines should access ... the resources of the internal network by u turn. ...
      (microsoft.public.windows.server.networking)
    • DHCP server problems
      ... I am trying to run a network that is also connected to the internet via ... I would like to have the internal machines that are running ... the windows machines get their bogus ip address. ...
      (comp.os.linux.setup)
    • Re: Ethernet issue: works one way but not another
      ... packets transmitted, 5 packets received, 0% packet loss ... (This is when connected directly to internet through ... FBSD, I have been working with BSDI at the isp I work for for the last ... As for my network topology, I have an internal network that goes ...
      (freebsd-questions)