[Linux-aus] internode/iinet/tpg ipv4 bogons in route
dap at zepherin.com
dap at zepherin.com
Wed Jun 15 23:33:19 AEST 2022
I am sure I'm not blocking the ping at my (UDM Pro) firewall, but the Fritz!box also has a firewall.
Because I see the weird 10.20.21.212 hop outbound, I assumed I would see it on inbound, and thus it appeared to be the next hop to fix.
However, no small amount of dorking about with the Fritz!Box has resulted in me figuring out that I need to designate the UDM as "exposed host".
I know I should have more faith in the Unifi firewall, and I should have been happy to put the UDM into the DMZ, but I always felt marginally less insecure leaving it so that the mystical, inaccessible Fritz!box firewall was also preventing rogue SYNs from molesting my sockets.
Once I enable "Exposed Host" on the Fritz, pings work, and "mtr" is able to reveal to me that there is no 10.20.21.212 hop inbound. Just outbound.
The bogon hop still annoys me -- perhaps I need to get a life.
Sent with Proton Mail secure email.
------- Original Message -------
On Wednesday, June 15th, 2022 at 15:10, Paul Gear via linux-aus <linux-aus at lists.linux.org.au> wrote:
> The existence of that node on the path should not break mtr - it should
> continue trying increased TTLs until it gets to the end node.
>
> Are you sure you're not blocking ping at your firewall?
>
> On 15/6/22 14:35, Damon Permezel via linux-aus wrote:
>
> > Breaks mtr.
> > Im trying to diagnose some issues and the other party insists on mtr
> > working from both sides.
> > Inbound to me the 10.20.21.212 drops all pings and mtr goes no further.
> > The ping is not addressed to 10.20.21.212. It should elicit a ttl
> > expired icmp response.
> >
> > Thats the main reason this got my attention again.
>
> _______________________________________________
> linux-aus mailing list
> linux-aus at lists.linux.org.au
> http://lists.linux.org.au/mailman/listinfo/linux-aus
>
> To unsubscribe from this list, send a blank email to
> linux-aus-unsubscribe at lists.linux.org.au
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - dap at zepherin.com - 0x2DD13951.asc
Type: application/pgp-keys
Size: 721 bytes
Desc: not available
URL: <http://lists.linux.org.au/pipermail/linux-aus/attachments/20220615/c9497171/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linux.org.au/pipermail/linux-aus/attachments/20220615/c9497171/attachment-0001.sig>
More information about the linux-aus
mailing list