29 May
2017
29 May
'17
10:35 p.m.
On Mon, May 29, 2017 at 06:49:54PM -0700, David Ranch wrote:
Understood but if we started advising users to enable
Avahi, MNDP, etc. to
UCSD's IP, you would start to see richer data. The question is.. can these
different protocols be configured to only send these advertisements
(broadcasts) to the UCSD IP vs. everyone.
--David
KI6ZHD
As far as I can see, you can't enable these services to a specific IP,
you enable them to a multicast or broadcast address that is defined
for the particular service.
According to some of the online info, these typically have to be enabled
on a per-interface basis. Whether they would get forwarded from a host
sending one of them through a gateway router and then to UCSD is an iffy
question - most of the stuff I saw on line was about being sure to block
such traffic with various interface configurations and firewall rules.
And as you say, you probably don't want to forward them down every tunnel
you have access to, just to the one at UCSD, and that's a whole bag of
worms in itself, when you consider that for most Linux gateways, it's
the same interface for all tunnels.
Mikrotik might be different because you have to have one tunnel interface
per destination tunnel, and presumably you could enable MNDP on just the
one facing UCSD, but I'm not sure there's much to be learned from MNDP
except perhaps the model of Mikrotik in use.
For Avahi and such, I see many difficulties.
- Brian