[GTER] Broadcast problems on the network

Livio Zanol Puppim livio.zanol.puppim at gmail.com
Tue Apr 15 17:44:00 -03 2008


http://wiki.mikrotik.com/wiki/Securing_New_RouterOs_Router

add chain=services protocol=udp dst-port=5678 action=accept comment="MT Discovery Protocol" disabled=no





MikroTik Neighbor Discovery Protocol description

MNDP's basic function is to assist with automatic configuration of
features that are only available between two MikroTik routers.
Currently this is used for the "Packet Packer" feature.  The "Packet
Packer" may be enabled on a per-interface basis.  The MNDP protocol
will then keep information about what routers have enabled the
"unpack" feature and the "Packet Packer" will be used for traffic
between these routers.  The MikroTik routers must be connected by an
Ethernet-like interface.

Specific Properties:

    * works on interfaces that support IP protocol and have at least one IP address
    * is enabled by default for all new Ethernet-like interfaces --
      Ethernet, radio, EoIP, IPIP tunnels, PPTP-static-server
    * when older versions of RouterOS are upgraded from a version
      without discovery to a version with discovery, current Ethernet-like
      interfaces will not be automatically enabled for MNDP
    * uses UDP protocol port 5678
    * a UDP packet with router info is broadcasted over the interface
      every 60 seconds
    * every 30 seconds, the router checks if some of the neighbor
      entries are not stale
    * if no info is received from a neighbor for more than 180 seconds
      the neighbor information is discarded

http://www.mikrotik.com/documentation//manual_2.3/manual_2.3.html

On 15/04/08, Paulo Rogério Silva Araújo <paulorsa at gmail.com> wrote:
> I haven't analyzed it yet to see which port and protocol the MikroTik uses for the
>  neighbor announcement, but it's worth checking
>
>  On 14/04/08, ProtectNet <protectnet at gmail.com> wrote:
>
> > Check your MK IP configuration; your IP needs to be
>  >  xxx.xxx.xxx.xxx/XX.
>  >  Do you use the 255.255.255.0 mask on your radio network???
>  >
>  >  Here I use /27 255.255.255.224 because I have 29 APs...
>  >
>  >  Look into the possibility of changing your netmask, which increases your
>  >  security, and review your MK IP configuration: do you use the IP on eth0?
>  >  On the bridge???
>  >
>  >  On 14/04/08, Flavio Junior <billpp at gmail.com> wrote:
>  >
>  > > Hm.. I don't know MikroTik, but wouldn't an:
>  >  >  echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
>  >  >  solve it?
>  >  >
>  >  >
>  >  >
>  >  >  --
>  >  >
>  >  >  Flávio do Carmo Junior
>  >  >
>  >  >  2008/4/14 Welisson <welisson at conectcor.com.br>:
>  >  >
>  >  >  > > Good afternoon to everyone on the list.
>  >  >  >
>  >  >  >  I have the following situation: on the network we have some APs running as MikroTik, and
>  >  >  >  for some time now they have started losing packets on the ETH interface, although the
>  >  >  >  clients do not lose packets. This caught my attention, so I started
>  >  >  >  analyzing the traffic and saw that the AP loses packets when it sends packets to
>  >  >  >  broadcast, as shown in the log below.
>  >  >  >
>  >  >  >  17:37:46.193602 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 13429, length 40
>  >  >  >  17:37:46.194899 IP 201.xxx.xxx.xxx > 200.200.xxx.xxx: ICMP echo reply, id 512,
>  >  >  >  seq 13429, length 40
>  >  >  >  17:37:46.609187 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.619063 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.621328 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.625453 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.630540 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.632255 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.632888 IP 201.xxx.xxx.xxx.5678 > 255.255.255.255.5678: UDP, length 56
>  >  >  >  17:37:46.691985 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 14709, length 40
>  >  >  >  17:37:47.194669 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 14965, length 40
>  >  >  >  17:37:52.182715 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 20341, length 40
>  >  >  >  17:37:52.679306 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 21621, length 40
>  >  >  >  17:37:57.184026 arp who-has 201.xxx.xxx.xxx tell 201.xxx.xxx.xxx(GW)
>  >  >  >  17:37:57.679409 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 26997, length 40
>  >  >  >  17:37:58.179093 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 27253, length 40
>  >  >  >  17:37:58.183795 arp who-has 201.xxx.xxx.xxx tell 201.xxx.xxx.xxx(GW)
>  >  >  >  17:37:59.181331 arp who-has 201.xxx.xxx.xxx tell 201.xxx.xxx.xxx(GW)
>  >  >  >  17:38:03.189635 arp who-has 201.xxx.xxx.xxx tell 201.xxx.xxx.xxx(GW)
>  >  >  >  17:38:03.191240 arp reply 201.xxx.xxx.xxx is-at 00:13:20:3d:08:8a
>  >  >  >  17:38:03.191346 IP 200.200.xxx.xxx > 201.xxx.xxx.xxx: ICMP echo request, id
>  >  >  >  512, seq 32629, length 40
>  >  >  >  17:38:03.191703 arp reply 201.xxx.xxx.xxx is-at 00:02:2a:d4:84:0e
>  >  >  >  17:38:03.195318 IP 201.xxx.xxx.xxx > 200.200.xxx.xxx: ICMP echo reply, id 512,
>  >  >  >  seq 32629, length 40
>  >  >  >
>  >  >  >  I have already blocked traffic to 255.255.255.255 in FORWARD and INPUT and nothing; I still
>  >  >  >  have the traffic above.
>  >  >  >  OS: Linux
>  >  >  >  --
>  >  >  >  gter list    https://eng.registro.br/mailman/listinfo/gter
>  >  >  >
> --
>  ----BEGIN GEEK CODE BLOCK-----
>  Version: 3.12
>  GCC/GS>GJ dpu s+:+ a- C++$ ULB*++++$ P L+++$ !E W++ N++ o? K? w--- O-
>  M+ V- PS+++ PE-- Y+ PGP- !t 5? !X R tv- b++ DI++ D++ G e+>+ h--- r+++ y++
>  -----END GEEK CODE BLOCK-----
>
>  WTF ? http://www.geekcode.com
>
>  __________________
>  Paulo R. S. Araújo
>  paulorsa at gmail.com
>
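
An added example, not part of the original message or of MikroTik's documentation: the capture in the thread hides the source addresses, so it cannot show whether the UDP 5678 broadcasts come from several routers each announcing once or from one source repeating far faster than the documented 60 seconds. The script below makes that distinction from tcpdump text output; the sample capture and its 192.0.2.x addresses are constructed, and the 50% tolerance is an assumption.

```python
import re
from collections import defaultdict
from datetime import datetime

MNDP_PORT = 5678          # UDP port from the MNDP description quoted above
ANNOUNCE_INTERVAL = 60.0  # documented seconds between announcements

# Constructed capture in tcpdump's default text format (not from the thread).
SAMPLE = """\
17:37:46.193602 IP 198.51.100.7 > 192.0.2.10: ICMP echo request, id 512, seq 1, length 40
17:37:46.609187 IP 192.0.2.10.5678 > 255.255.255.255.5678: UDP, length 56
17:37:46.619063 IP 192.0.2.10.5678 > 255.255.255.255.5678: UDP, length 56
17:37:46.621328 IP 192.0.2.10.5678 > 255.255.255.255.5678: UDP, length 56
17:37:46.625453 IP 192.0.2.20.5678 > 255.255.255.255.5678: UDP, length 56
17:37:46.632255 IP 192.0.2.30.5678 > 255.255.255.255.5678: UDP, length 56
17:37:47.000000 IP 192.0.2.40.9999 > 255.255.255.255.9999: UDP, length 20
17:37:57.184026 arp who-has 192.0.2.10 tell 192.0.2.1
17:38:46.630540 IP 192.0.2.20.5678 > 255.255.255.255.5678: UDP, length 56
"""

# Only limited-broadcast UDP is matched; directed broadcasts are out of scope.
LINE = re.compile(
    r"^(\d\d:\d\d:\d\d\.\d+) IP (\d+\.\d+\.\d+\.\d+)\.\d+ > "
    r"255\.255\.255\.255\.(\d+): UDP, length \d+"
)

def mndp_events(text):
    """Map each source IP to the timestamps of its MNDP broadcasts."""
    by_src = defaultdict(list)
    for line in text.splitlines():
        m = LINE.match(line)
        if m and int(m.group(3)) == MNDP_PORT:
            # tcpdump prints time of day only; captures crossing midnight
            # are not handled here.
            by_src[m.group(2)].append(datetime.strptime(m.group(1), "%H:%M:%S.%f"))
    return by_src

def classify(text, tolerance=0.5):
    """Return {src: (count, smallest_gap_seconds, verdict)}."""
    report = {}
    for src, stamps in mndp_events(text).items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        min_gap = min(gaps) if gaps else None
        if min_gap is None:
            verdict = "single"
        elif min_gap < ANNOUNCE_INTERVAL * tolerance:
            verdict = "faster-than-documented"
        else:
            verdict = "normal"
        report[src] = (len(stamps), min_gap, verdict)
    return report

if __name__ == "__main__":
    for src, row in sorted(classify(SAMPLE).items()):
        print(src, *row)
```

A source flagged "faster-than-documented" is sending the same announcement more often than the protocol description allows, which points at the layer-2 path or that device rather than at normal neighbor discovery.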


