11 Nov
2020
11 Nov
'20
7:57 a.m.
I think he is trying to say he receives:
Outer (IPIP) pair: from 169.228.34.84 to his gateway (<###.###.###.###>)
-> Inner pair (encapsulated): from <any non 44net address-bandits> to
<gb7cip hosted 44net: gateway routes>
This is how any internet originated traffic looks like, and everything
comes over ampr-gw (44.0.0.1/169.228.34.84).
There is not much one can do about it, except unregistering the hosts in
the DNS, which will prevent forwarding by the ampr gateway.
Marius, YO2LOJ
On 11.11.2020 14:27, lleachii--- via 44Net wrote:
Paul,
Wait...are you saying that you're receiving IPENCAP packets from a registered gateway
- that contains malicious or invalid traffic?
Or that you see malicious traffic with an internal source IP matching the subnet
registered to GB7CIP??? (AMPRGW doesn't send 44 packets unless they's BGP, as I
recall...)
Or that you're receiving routes from a source other than AMPRGW???
In networking context, it's not completely clear what you mean by "pairs of
addresses". I don't understand the need to obfuscate the IPs.
<gb7cip hosted 44net: gateway routes>
- KB3VWG
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net