在 2016年4月20日星期三 UTC+8下午2:03:55,Justin Wong写道: > 话不能这么说,大家都是学生。TUNA 这么多项目,也没赚过一分钱,都是技术兴趣。 > > > > > 如果真要按报酬来,业界标准¥100-200/hr,可能我们两小时解决了,也就几百块钱。 > > > > > 跑题了,敢问楼主的问题解决的怎样? > > > > > > -- > > > Justin Wong > > > > > On Wed, Apr 20, 2016, at 13:34, Xin Yue wrote: > > > > > 说句良心话,华三都搞不定的问题,巨巨给你解决了,才只是帮助争取一下勤工助学的报酬。。。 > > > > > > > > > > > > > > > -- > > > "Across the Great Wall we can reach every corner in the world" > > > > > > > > > > > > > > 在 2016年4月20日 下午1:25,Justin Wong <[email protected]>写道: > > > > > > > 抓住个滥用ARP的现行 > > > > > > > -- > > > Justin Wong > > > > > > > > > > > > > > > On Wed, Apr 20, 2016, at 13:24, Sam Stoelinga wrote: > > > > 你可以试试分配IP后,保证IP不会被别人抢了,通过不停的发ARP broadcast。 > > > > > > arping -I enp0s25 -U -b 166.111.144.152 > > > > > > 166.111.144.152 should be IP that the dhcp server gave you. > > > > > > > > > 2016-04-19 16:11 GMT+08:00 Wang Shanker <[email protected]>: > > > 这么搞也可以防止 arp 攻击。 > > > > > > > > > > > > 在 2016年4月19日,16:10,Justin Wong <[email protected]> 写道: > > > > > > > > 打开DHCP snooping可以禁止手动设置IP,ARP攻击怎么防我还真不知道 > > > > > > > > -- > > > > Justin Wong > > > > > > > > On Tue, Apr 19, 2016, at 16:09, 杨海宇 wrote: > > > >> 在 2016年4月19日星期二 UTC+8下午4:03:26,Justin Wong写道: > > > >>> 难道说因为 IP 不够分引起了一些人不爽所以发起 ARP 攻击抢 IP? > > > >>> > > > >>> -- > > > >>> Justin Wong > > > >>> > > > >>> On Tue, Apr 19, 2016, at 16:01, Wang Shanker wrote: > > > >>>> 不会,如果 ip 分光了, dhcp 服务器会拒绝继续分配 ip 地址,不会出现时断时续的问题。 > > > >>>> > > > >>>> 发自我的 iPhone > > > >>>> > > > >>>>> 在 2016年4月19日,15:59,杨海宇 <[email protected]> 写道: > > > >>>>> > > > >>>>> 有同学觉得是ip地址不够分配了,毕竟我们整个系只有/24一个段。可是如果是ip不够用会是这个现象吗? > > > >>>>> > > > >>>>> > > > >>>>> 在 2016年4月19日星期二 UTC+8下午2:06:19,杨海宇写道: > > > >>>>>> 各位巨巨好, > > > >>>>>> 我是热能系的硕士,潜水N年。现在李兆基大楼网络有很多问题,到网关和同网段ip丢包严重,平均60%。经常性出现ip冲突。因为负责网络的人非常不靠谱,只好找金枪鱼求助,恳请有时间的巨巨来指导一下。 > > > >>>>>> 李兆基大楼现在是机械学院很多系的系馆,包括热能系汽车系训练中心。目前环境是光纤到实验室,实验室自己配置交换机。不同系在不同vlan下面,热能系ip段101.6.62.1/24,汽车系166.111.144.1/24(不确定)。行政上,网络由华三提供的解决方案,出问题应该由大楼物业负责,然而物业的网管师傅水平很渣,只会检查网线和光纤通不通。华三的人也来过,但没有查出什么问题。现在的问题是到网关和同网段ip丢包严重(mtr结果在后面),热能系、汽车系不同实验室都存在相同的问题,应该能排除自己交换机的问题。不知道如果是可供使用的ip不够,是否会出现这个问题? > > > >>>>>> 实验室老板让我看看怎么搞,我说另请高明吧,我实在也不是谦虚。老板说系里决定了,由你负责解决。我当时并没有念诗,所以只好求助网管会的各位巨巨。需要巨巨们到现场看一下环境,排查一下问题。如果需要的话,我会和老板争取一下报酬,通过勤工助学的方式给巨巨一些补贴。 > > > >>>>>> 如果哪位巨巨有时间有兴趣,请联系我:15210582389,微信:yang_hai_yu,email: > > > >>>>>> [email protected] / [email protected] > > > >>>>>> > > > >>>>>> > > > >>>>>> 一些结果: > > > >>>>> > > > >>>>> -- > > > >>>>> > > > >>>>> --- > > > >>>>> You received this message because you are subscribed to the Google > >>>>> Groups "TUNA 主邮件列表" group. > > > >>>>> To unsubscribe from this group and stop receiving emails from it, send > >>>>> an email to [email protected]. > > > >>>>> To post to this group, send email to [email protected]. > > > >>>>> For more options, visit https://groups.google.com/d/optout. > > > >>>> > > > >>>> -- > > > >>>> > > > >>>> --- > > > >>>> You received this message because you are subscribed to the Google Groups > > > >>>> "TUNA 主邮件列表" group. > > > >>>> To unsubscribe from this group and stop receiving emails from it, send an > > > >>>> email to [email protected]. > > > >>>> To post to this group, send email to [email protected]. > > > >>>> For more options, visit https://groups.google.com/d/optout. > > > >>>> Email had 1 attachment: > > > >>>> + smime.p7s > > > >>>> 3k (application/pkcs7-signature) > > > >> > > > >> 我明天去检查一下arp。 > > > >> 另外,只打开dhcp snooping可以防止arp攻击吗,可以禁止手动设置ip吗? > > > >> > > > >> -- > > > >> > > > >> --- > > > >> You received this message because you are subscribed to the Google Groups > > > >> "TUNA 主邮件列表" group. > > > >> To unsubscribe from this group and stop receiving emails from it, send an > > > >> email to [email protected]. > > > >> To post to this group, send email to [email protected]. > > > >> For more options, visit https://groups.google.com/d/optout. > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed to the Google Groups > > "TUNA 主邮件列表" group. > > > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > > > To post to this group, send email to [email protected]. > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the Google Groups > "TUNA 主邮件列表" group. > > > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > > > To post to this group, send email to [email protected]. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the Google Groups > "TUNA 主邮件列表" group. > > > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > > > To post to this group, send email to [email protected]. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > > -- > > > > > --- > > > You received this message because you are subscribed to the Google Groups > "TUNA 主邮件列表" group. > > > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > > > To post to this group, send email to [email protected]. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > -- > > > > > --- > > > You received this message because you are subscribed to the Google Groups > "TUNA 主邮件列表" group. > > > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > > > To post to this group, send email to [email protected]. > > > For more options, visit https://groups.google.com/d/optout. > > > 确实有非常多到网关的arp请求。而且还看到了duplicate use of xxx.
我们系自己的学生网管建议过别的学生和老师如果dhcp分不到ip,就自己手动设置一个。。。所以现在肯定有一些人的ip是自己设置的静态ip,不是从dhcp那里拿到的。会不会与问题有关? 自己试了一下,给自己设置一个静态ip是可以用的,但是我要求华三的人在所有楼层交换机上打开dhcp snooping了(可能并不是华三的人,只是个代理商或者只是给大楼建网络的公司的人)。 上次的问题是有人把路由器接反了,导致很多人分到了192.168.0.1/24的私有ip,打开了dhcp snooping之后没再出现这种问题。难道是华三的这个功能我理解错了?或者干脆就没有打开? 华三某配置指南上有写: > 为防止非法用户通过配置静态 IP 地址的方式接入网络,在用户所在 VLAN 内启用 ARP Detection 功能(本例为缺省 VLAN 1 内),基于 DHCP Snooping 表项对用户进行合法性检查,保证合法用户可以正常转发报文 dhcp snooping和ARP Detection是什么关系? PS:话说为什么回复不能加附件了。。。粘贴了一些抓包的结果 7451 76.294550000 Giga-Byt_44:29:8f Broadcast ARP 60 Who has 101.6.62.1? Tell 101.6.62.195 (duplicate use of 101.6.62.195 detected!) 7453 76.332446000 Micro-St_b4:a0:85 Broadcast ARP 60 Who has 101.6.62.1? Tell 101.6.62.233 7454 76.334221000 SuperMic_6c:a8:1b Broadcast ARP 60 Who has 101.6.62.1? Tell 101.6.62.91 7458 76.351186000 Tp-LinkT_e8:79:f4 Broadcast ARP 60 Who has 192.168.1.105? Tell 192.168.1.1 (duplicate use of 192.168.1.1 detected!) 7466 76.377746000 WistronI_b3:79:99 Broadcast ARP 60 Who has 101.6.62.1? Tell 101.6.62.176 7475 76.576748000 Dell_ae:c3:97 Broadcast ARP 60 Who has 101.6.62.1? Tell 101.6.62.62 7482 76.676673000 HewlettP_5a:54:b7 Broadcast ARP 60 Who has 101.6.62.145? Tell 101.6.62.148 -- --- You received this message because you are subscribed to the Google Groups "TUNA 主邮件列表" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/d/optout.
