After installing Zebra for ripd to get win2k routes I am getting this

May 20 23:24:20 ns1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC
SRC=64.42.53.202 DST=64.42.53.207 LEN=92 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF
PROTO=UDP SPT=520 DPT=520 LEN=72
May 20 23:25:25 ns1 last message repeated 3 times

I am new to zebra, so I am assuming that this is broadcasting to windoz
for routes weird !!!
Anybody seen this before? The latter IP is my broadcast 64.42.53.200/29

Mike :<)

Mike Lander wrote:
> After installing Zebra for ripd to get win2k routes I am getting this
>
> May 20 23:24:20 ns1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC
> SRC=64.42.53.202 DST=64.42.53.207 LEN=92 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF
> PROTO=UDP SPT=520 DPT=520 LEN=72
> May 20 23:25:25 ns1 last message repeated 3 times
>
> I am new to zebra, so I am assuming that this is broadcasting to windoz
> for routes weird !!!
> Anybody seen this before the later IP is my broadcast 64.42.53.200/29

It's not broadcasting "to Windoze", it's broadcasting. period. That's how RIP works.

Are you seriously running RIPD on an external interface? Excellent! Watch how many different Linux distro ISOs start getting downloaded through your connection - I wanna try 'em all! :)

Seriously, RIP is an internal protocol. I wouldn't be caught dead running it on any interface whatsoever, but if I had no choice, it would _have_ to be an _internal_ RFC1918 interface, and nothing else. There's no excuse whatsoever for running RIP on an interface facing the public, anytime, anywhere.

If you're exchanging routes with internet peers, you should be running BGP or OSPF. If you're exchanging routes internally, you should be running OSPF, period (no Cisco-only IGRP flames here, please).

--
Greg White

> Seriously, RIP is an internal protocol. I wouldn't be caught dead
> running it on any interface whatsoever, but if I had no choice, it would
> _have_ to be an _internal_ RFC1918 interface, and nothing else. There's
> no excuse whatsoever for running RIP on an interface facing the public,
> anytime, anywhere.
>
> If you're exchanging routes with internet peers, you should be running
> BGP or OSPF. If you're exchanging routes internally, you should be
> running OSPF, period (no Cisco-only IGRP flames here, please).
>
> --
> Greg White

Thanks Greg,

I had another router on the network that I had copied the ripd.conf from. That router's net interface was eth1. So I was broadcasting to the net. Duh. Shorewall's internal is eth1. I have it working now on a 1918 LAN. I think it's cool that Shorewall was blocking the broadcast to protect my mistake.

As far as running BGP, can't do that. You can't get General Motors to change to your ideas; you have to go along with what they want if you want access to their servers. They are like a big elephant.

Thanks again,
Mike
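
Added example, not part of the original thread: a small check that scans Shorewall log lines for RIP traffic (UDP 520 to 520) on the public-facing interface, the symptom that exposed the copied ripd.conf above. The function names, the second log line and the omitted MAC field are assumptions made for the example; the interface and subnet are the ones quoted in the thread.

```python
import ipaddress
import re

# Constructed sample input: line 1 is the drop from the thread with the MAC
# field left out; line 2 is a constructed, unrelated drop for contrast.
SAMPLE_LOG = (
    "May 20 23:24:20 ns1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= "
    "SRC=64.42.53.202 DST=64.42.53.207 LEN=92 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF "
    "PROTO=UDP SPT=520 DPT=520 LEN=72\n"
    "May 20 23:26:01 ns1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= "
    "SRC=192.0.2.10 DST=64.42.53.202 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4411 DF "
    "PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 SYN\n"
)

PREFIX = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>[A-Z]+):")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")
RIP = ("UDP", "520", "520")  # RIP speaks UDP from port 520 to port 520


def parse_line(line):
    """Split one Shorewall/netfilter log line into a dict, or None if not one."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "action": m["action"]}
    for key, value in FIELD.findall(line[m.end():]):
        rec.setdefault(key, value)  # keep the first LEN (IP), not the UDP LEN
    return rec


def rip_on_external(log_text, external_if, external_net):
    """Report RIP packets logged on the interface that faces the public net."""
    net = ipaddress.ip_network(external_net)
    findings = []
    for rec in filter(None, map(parse_line, log_text.splitlines())):
        if rec.get("IN") != external_if:
            continue
        if (rec.get("PROTO"), rec.get("SPT"), rec.get("DPT")) != RIP:
            continue
        src, dst = (ipaddress.ip_address(rec[k]) for k in ("SRC", "DST"))
        findings.append({
            "src": str(src), "dst": str(dst), "action": rec["action"],
            "src_on_segment": src in net,
            "dst_is_broadcast": dst == net.broadcast_address,
        })
    return findings


if __name__ == "__main__":
    for f in rip_on_external(SAMPLE_LOG, "eth0", "64.42.53.200/29"):
        print(f)
```

A finding with `dst_is_broadcast` true on the external interface means a RIP speaker is advertising onto the public segment, which is the cue to check which interface the routing daemon is bound to.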