[nSLUG] Problems with Eastlink Hosting Multiple IPs on One Network Interface
jim at jcampbell.ca
Tue Nov 15 13:31:41 AST 2005
Jonathan Freedman wrote:
> Ok. As I'm sure most of you know, cable modem networks are treated as
> huge "logical" local area networks. hence the hella arp requests. now what
> most of you might not know is that each modem is actually an embedded
> system which does quite a bit of filtering. the outgoing port 25 filter,
> for example, is blocked right at your modem. the non-arp packets for
> everyone else on this "LAN" is blocked at the modem as well.
> now for the broken alias stuff... i have been running anywhere from two to
> four IP's aliased on a 2.4.x based linux firewall for two years now
> without any issues.
As were we until a few months ago. Three years with a Linux PC firewall
and then 1+ years on the Cyberguard. We did have a Terayon cable modem
until about four months ago which required having arp entries manually
entered (if you changed MACs you had to make a tech support call).
> i had to get into policy routing at one point, but
> that's another story. it sounds like what the eastlink tech told you is
> true with their arp tables having troubles updating. you can try asking
> them to set static arp entries.
He tried that, it seemed to completely break access to the aliased IPs (
I couldn't even see the ping requests arriving at the Cyberguard)
> if they refuse, try calling back and ask
> for someone else. good ol' call centers.
The guy I am dealing with is helpful enough, but right now he's stumped.
I am sure there's a really good explanation as to what is
happening--just wish I knew what it is.
More information about the nSLUG