The reason I have requested this is that I think the current behavoir of
ComOS is technically wrong (note I just said technically - it doesn't
break anything, it just isn't really right). When using OSPF, the PM
advertises the dialup pool IP addresses. However, when traffic is
directed to an address that is not currently in use, the PM sends it on
to the default route, which is usually a router on the ethernet, which
is getting the OSPF routing info, so it sends it back to the PM, etc.
I suppose someone could ping through your address pool to find addresses
not in use and spoof packets to those addresses, causing them to bounce
around your network and maybe clog it up some. Also, if your default
route is back out a T1 (if this is a remote POP), those packets bouncing
back and forth could chew up some bandwidth.
A filter on the port with the default route can be used to capture
these, but then the packets just die. Shouldn't the PM instead return a
host unreachable (or maybe network unreachable) packet? If ComOS had a
null interface (bit bucket) and had a default route to null with a high
metric for advertised addresses, this wouldn't be a problem.
-- Chris Adams - cadams@ro.com System Administrator - Renaissance Internet Services I don't speak for anybody but myself - that's enough trouble. - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message.