Just a quick comment on all this... 10/8 numbers are routable they are just reserved for private networks. However, many providers use them on serial interfaces (this is acceptable)...even @home uses 10/8 IPs on serial interfaces and you will see them when doing a traceroute through their network.
On Sun, 02 Jan 2000 21:42:20 -0800, you wrote: >Send postings to: [EMAIL PROTECTED] >Access the list archives at: >http://www.gnatbox.com/gb-users/ >---------------------------------- >It would appear to me that you have your GNAT Box configured to use itself >as a DNS server. DNS runs on UDP at port 53. The interface at 10.3.2.111 >is sending DNS queries to 10.3.2.111 (itself) at port 53. Those packets >are being rejected and logged because by default there is no filter to >allow them (and no service to process or respond to them unless you would >have built a tunnel to a DNS server on the PSN, with the corresponding >filter to allow incoming traffic.) > >You should check your Internal and External DNS server entries in the GNAT >Box and enable only the one that really exists on each interface (assuming >that you are working with GNAT Box 3.x). If I remember correctly, GNAT Box >2.x only allows one DNS server entry, but again, it should be a valid DNS >server on the PSN or on the EXT interface. > >At 04:30 PM 01/02/2000 -0600, Cliff Pryce wrote: > >> In my log files created by syslog.exe I have recently >>started receiving thousands of these entries per day: >> >> >> 17 5 Jan 2 16:09:36 FILTER: Remote access filter blocks: >>UDP lo0 [10.3.2.111/1346]->[10.3.2.111/53] l=41. >> 17 5 Jan 2 16:09:42 FILTER: Remote access filter blocks: >>UDP lo0 [10.3.2.111/1348]->[10.3.2.111/53] l=41. >> 17 5 Jan 2 16:09:47 FILTER: Remote access filter blocks: >>UDP lo0 [10.3.2.111/1350]->[10.3.2.111/53] l=41. >> 17 5 Jan 2 16:09:52 FILTER: Remote access filter blocks: >>UDP lo0 [10.3.2.111/1352]->[10.3.2.111/53] l=41. >> 17 5 Jan 2 16:09:57 FILTER: Remote access filter blocks: >>UDP lo0 [10.3.2.111/1354]->[10.3.2.111/53] l=41. >> 17 5 Jan 2 16:10:02 FILTER: Remote access filter blocks: >>UDP lo0 [10.3.2.111/1356]->[10.3.2.111/53] l=41. >> >> Having searched all the documentation, I can find no >>relative info for the "lo0" port. >> >> The ip that this is blocking is in fact my external IP >>address. This error/block continues even though all workstations have been >>shut down and the gnat box disconnected at the protected and external >>network cards. > >At 05:21 PM 01/02/2000 -0800, Matthew Schalit wrote: >>It's ok because it comes from the local host. Buuuuut..... >>Here's the second instance in one day where I've read that someone's external >>registered IP address is on the Class A 10.x.y.z network, which is impossible >>as we all know that the 10.any.th.ing subnet is reserved for private LAN's >>and >>is non-routable. I even saw an outbound trace that worked. I guess >>people are >>running some kind of network masq'ing. > >If the EXT interface is not connected directly to the Internet, but rather >to another private network, 10.x.x.x is a good choice for clarity, as it is >a popular choice for private WAN addresses. > >I have also seen some xDSL Internet Providers using 10.x.x.x within their >networks, between the Internet and Global IP addresses assigned to their >subscribers, while providing full IP routing both ways on the network. >-joeb > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message
