Date: Wed, 9 Oct 2002 14:36:35 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: TheGlenMann <cumquott@suscom.net> Cc: freebsd-questions@freebsd.org Subject: Re: Ping to broadcast ok from subnet, not ok otherwise Message-ID: <20021009142318.M3949-100000@cactus.fi.uba.ar> In-Reply-To: <3493.12.151.4.177.1034175499.squirrel@webmail.suscom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 9 Oct 2002, TheGlenMann wrote: > Hi all- > > > Sitting at a 10.10.1.n machine, I can ping the gateway 10.10.x.254 on > every subnet. However, a ping to the broadcast address as > ping -c1 10.10.x.255 > fails on some of the subnets (from outside that subnet). From within the > subnet, the ping to the broadcast succeeds everywhere. Pings to known > hosts (and 10.10.x.254) succeed always from everywhere. > > So, my question is, why would I be able to successfully ping to the > broadcast address from within a subnet but not from outside the subnet, > but only in certain cases? We have a mix of windows, FreeBSD, router, and > other machines on each subnet. (I'm led to ask all this since where the > broadcast doesn't work from outside the subnet, neither does DHCP, which > is proving to be a real problem!) The routers should block packets destined to the internal net broadcast address to prevent the infamous "smurf attack". Search the CERT for details. I seem to remember that Cisco routers are configured to drop those packets by default. That explains why you can ping the broadcast from within the LAN and not from outside (the router drops the packet on the floor). As far as DHCP, there is a dhcprelay (part of the isc-dhcp port) to pass DHCP requests between networks. Besides, having only one dhcp server for the whole WAN is (IMHO) a Bad Idea (TM), it screams "single point of failure". Fer > > Thanks > -Glen Mann > > -- > "I may not have had enough of me, but I've had enough of you." > Robert Fripp, Exposure > -- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021009142318.M3949-100000>