|
Posted by Dan Lanciani on May 6, 2008, 4:27 pm
If you were Registered and logged in, you could reply and use other advanced thread options
James) writes:
| Based on numerous tests, I have come to the conclusion that the
| router/switch on Verizon's side is totally spoof protected: It will not
| respond to an ARP query unless the source address is one of the 61 addresses
| assigned to us
You could always add a static arp entry for Verizon's gateway on your end
and proceed with option D as I indicated. Of course, if they change their
MAC address you will lose connectivity until you adapt.
| (we've tried .2 and also tried assigning 10.1.1.1 to the
| outside of the router, and giving a static route to our gateway.) In one
| case, .2 worked briefly -- probably because we had just swiched over, and it
| had an association of our MAC address with a valid IP.
Possibly there had been an incoming packet to which your router had
responded as a proxy. That would not look spoofed since the address
would be in your range, and in any case your router would have picked
up the MAC address of Verizon's router in the process.
Dan Lanciani
ddl@danlan.*com
|
|
Posted by Dan Lanciani on May 6, 2008, 4:27 pm
If you were Registered and logged in, you could reply and use other advanced thread options
James) writes:
| Based on numerous tests, I have come to the conclusion that the
| router/switch on Verizon's side is totally spoof protected: It will not
| respond to an ARP query unless the source address is one of the 61 addresses
| assigned to us
You could always add a static arp entry for Verizon's gateway on your end
and proceed with option D as I indicated. Of course, if they change their
MAC address you will lose connectivity until you adapt.
| (we've tried .2 and also tried assigning 10.1.1.1 to the
| outside of the router, and giving a static route to our gateway.) In one
| case, .2 worked briefly -- probably because we had just swiched over, and it
| had an association of our MAC address with a valid IP.
Possibly there had been an incoming packet to which your router had
responded as a proxy. That would not look spoofed since the address
would be in your range, and in any case your router would have picked
up the MAC address of Verizon's router in the process.
Dan Lanciani
ddl@danlan.*com
|
| Similar Threads | Posted | | Re: Excessive interface resets on Cisco 1841 and FIOS line | February 6, 2008, 9:26 pm |
| Nobody knows the Answer!!! :-( | August 20, 2004, 2:56 am |
| Re: Why didn't Verizon sue Cisco instead? | March 11, 2007, 12:10 pm |
| PIX 501 Verizon Infospeed DSL | November 22, 2007, 9:04 pm |
| Verizon TLS (Q in Q) multicast challenge | February 21, 2006, 10:20 pm |
| Ring no Answer on as5800? | November 9, 2004, 10:32 am |
| WIC-1AM - auto answer question | June 29, 2006, 9:59 am |
| Cisco 1750 again - still no right answer :( | October 24, 2006, 2:45 pm |
| Dropping Connections (Verizon Aircard) | October 29, 2007, 12:41 pm |
| CISCO PIX hard question, can you answer it? TIA | September 1, 2005, 3:01 pm |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map