What source ip address is sent as part of DHCP discover packet?

Similar Messages

• Ip igmp snooping querier on Nexus, what source IP address to use?

  Am looking at a problem with servers in the same vlan across multiple switches that are unable to communicate using multicast. I have found that in the systen I'm to set up I need to apply the ip igmp snooping querier command, in the vlan, but it needs a source IP address.
  Different documents make conflicting recommendations for this address, one suggests that any unused address will do, another suggests to use the IP address that is configured on the SVI for the vlan.
  Which is correct?

  Eventually I had to ask Cisco TAC, the response was that any IP address within the subnet could be used. The recommendation was to allocate an unused address in the vlan subnet for this purpose, use the same address on multiple switches should resiliance be required.

• What reboot reason forces SPA perform new DHCP Discover

  Hi,
  I know there are different kinds of reboot reasons for the SPA-phones.(https://supportforums.cisco.com/docs/DOC-9889)
  But could anyone specify what reboot reasons that makes the SPA perform a new DHCP Discovery, Request etc.?
  //Anna

  Freebox HD (the media box) is not configurable (at least by user). This is a device provided by Internet service provider in France. Therefore I'm not able to set static address. However, if I connect Freebox HD without Cisco SLM2008 in between it will boot okay, and if I rewire it with SLM2008 afterwards (without powering down) it will continue to work fine.
  In other words, if Freebox HD got IP address it may work through cisco without the problem. However it's not possible to move Freebox HD next to the TV without unplugging it from the outlet
  So the only problem as it seems is to get DHCP Discover packet through the Cisco. I have 3 SLM2008 switches in my installation. The last one was bought this year I believe, so must be still under warranty.
  May be it's a good idea to swap them. However, I feel that this is not a hardware issue, but a firmware. And all of them has same firmware version 2. something...
  I'll attach my traces when I get home.
  Nikolai
  P.S. I've just found this articles on the internet:
  http://serverfault.com/questions/337591/spanning-tree-blocking-dhcp-requests-in-windows-bootp
  http://www.dummies.com/how-to/content/spanning-tree-protocol-stp-and-portfast.html
  Someone has similar problem with different Cisco switch. They suggest the problem is about STP. I've seen some settings about STP in my configuration pages....

• Source ip address for icmp messages not what is expected

  We have a router that has interfaces in multiple VRFs.  One interface sits on an interface that is routed on the Internet.  Other interface sits on a VRF that is in a private address space and is used for WAN connectivity.  The strange behavior that I'm seeing is related to icmp messages coming off the router.  It appears that scanners hitting the Internet-facing interface cause the router to generate icmp messages (type 3) that are source using the IP address of the WAN-facing interface and they are routed across the WAN, into our data center and dropped by our firewall due to anti-spoofing rules.  Is this normal behavior?  Doesn't seem normal to me. Is this behavior something that can be changed via configuration?

  probabaly some body attacking you
  you need inbound access-list in Internet-facing interface.
  and you need to filtr private source addresses classes  A, B, C 
  ip access-list extended InWorld
   deny   ip any 192.168.0.0 0.0.255.255
   deny   ip any 172.16.0.0 0.15.255.255
   deny   ip any 10.0.0.0 0.255.255.255
   permit ip any any
  interface FastEthernet0
   description Internet-facing interface
   ip address 9.2.3.6 255.255.255.252
   ip access-group InWorld in
  later you will see hit counts
  sh access-lis
  here is detailed explanation
  http://www.techrepublic.com/article/prevent-ip-spoofing-with-the-cisco-ios/
  they using more complicated acces-list
  In a typical IP address spoofing attempt, the attacker fakes the source of packets in order to appear as part of an internal network. David Davis tells you three ways you can make an attacker's life more difficult—and prevent IP address spoofing. 
  As you know, the Internet is rife with security threats, and one such threat is IP address spoofing. During a typical IP address spoofing attempt, the attacker simply fakes the source of packets in order to appear as part of an internal network. Let's discuss three ways you can protect your organization from this type of attack.
  Block IP addresses
  The first step in preventing spoofing is blocking IP addresses that pose a risk. While there can be a reason that an attacker might spoof any IP address, the most commonly spoofed IP addresses are private IP addresses (RFC 1918) and other types of shared/special IP addresses.
  Here's a list of IP addresses—and their subnet masks—that I would block from coming into my network from the Internet:
  10.0.0.0/8
  172.16.0.0/12
  192.168.0.0/16
  127.0.0.0/8
  224.0.0.0/3
  169.254.0.0/16
  All of the above are either private IP addresses that aren't routable on the Internet or used for other purposes and shouldn't be on the Internet at all. If traffic comes in with one of these IP addresses from the Internet, it must be fraudulent traffic.
  In addition, other commonly spoofed IP addresses are whatever internal IP addresses your organization uses. If you're using all private IP addresses, your range should already fall into those listed above. However, if you're using your own range of public IP addresses, you need to add them to the list.
  Implement ACLs
  The easiest way to prevent spoofing is using an ingress filter on all Internet traffic. The filter drops any traffic with a source falling into the range of one of the IP networks listed above. In other words, create an access control list (ACL) to drop all inbound traffic with a source IP in the ranges above.
  Here's a configuration example:
  Router# conf t
  Enter configuration commands, one per line.  End with CNTL/Z.
  Router(config)# ip access-list ext ingress-antispoof
  Router(config-ext-nacl)# deny ip 10.0.0.0 0.255.255.255 any
  Router(config-ext-nacl)# deny ip 172.16.0.0 0.15.255.255 any 
  Router(config-ext-nacl)# deny ip 192.168.0.0 0.0.255.255 any 
  Router(config-ext-nacl)# deny ip 127.0.0.0 0.255.255.255 any
  Router(config-ext-nacl)# deny ip 224.0.0.0 31.255.255.255 any
  Router(config-ext-nacl)# deny ip 169.254.0.0 0.0.255.255 any     
  Router(config-ext-nacl)# permit ip any any     
  Router(config-ext-nacl)# exit
  Router(config)#int s0/0
  Router(config-if)#ip access-group ingress-antispoof in
  Internet service providers (ISPs) must use filtering like this on their networks, as defined in RFC 2267. Notice how this ACL includes permit ip any any at the end. In the "real world," you would probably have a stateful firewall inside this router that protects your internal LAN.
  Of course, you could take this to the extreme and filter all inbound traffic from other subnets in your internal network to make sure that someone isn't on one subnet and spoofing traffic to another network. You could also implement egress ACLs to prevent users on your network from spoofing IP addresses from other networks. Keep in mind that this should be just one part of your overall network security strategy.
  Use reverse path forwarding (ip verify)
  Another way to protect your network from IP address spoofing is reverse path forwarding (RPF)—or ip verify. In the Cisco IOS, the commands for reverse path forwarding begin with ip verify.
  RPF works much like part of an anti-spam solution. That part receives inbound e-mail messages, takes the source e-mail address, and performs a recipient lookup on the sending server to determine if the sender really exists on the server the message came from. If the sender doesn't exist, the server drops the e-mail message because there's no way to reply to the message—and it's very likely spam.
  RPF does something similar with packets. It takes the source IP address of a packet received from the Internet and looks up to see if the router has a route in its routing table to reply to that packet. If there's no route in the routing table for a response to return to the source IP, then someone likely spoofed the packet, and the router drops the packet.
  Here's how to configure RPF on your router:
  Router(config)# ip cef
  Router(config)# int serial0/0
  Router(config-if)# ip verify unicast reverse-path
  Note that this won't work on a multi-homed network.
  It's important to protect your private network from attackers on the Internet. These three methods can go a long way toward protecting against IP address spoofing. For more information on IP address spoofing, read "IP Address Spoofing: An Introduction."
  Is IP address spoofing a major concern for your organization? What steps have you taken to protect the company? Have you used RPF? Share your experiences in this article's discussion.
  and dont forget to rate post

• How do I view what email address I sent an iPhoto to?

  I sent a photo via iPad to an email address, but don't know where to find what email address I sent it to.  Is there a way to find out to whom the photo was sent?

  Home > Mail > Account
  Select the Account.
  There should be Inbox, Sent and Trash folders.
  Don't have Sent folder?

• What determines the address iCal email reminders are sent from?

  *What determines the address iCal email reminders +are sent from+?*
  On our g4 iMac, running Tiger, my wife has multiple pop3 email accounts. 6 to be exact.
  She only has one address listed in her address book, and that is her own main primary address.
  She recently started using iCal email reminders for reoccurring events. At first she was getting emails from her main address mailed to her main address. Works as planned.
  But recently, she is getting reminders emailed to her main address send from one of her other POP 3 email accounts. This is not desirable. She needs them to come from her main address, the one that is her primary account and is listed in the address book. She is not sure what caused this change or why.
  So the question is, what determines the address the email reminder is sent from and how can you change this to another address.
  THX

  Yes, that's what I thought too.
  There is only one address besides the "APPLE" card in her book, and that is her primary address, and unfortunately, NOT the one her reminders are coming from.

• What is broadcast address

  What is broadcast address

  Hi,
  While correct answers have already been posted here, let me broaden the scope a little to provide a context.
  In data communication, there is often a need to send a datagram to all stations connected to the same medium, or the same link, without even knowing their own addresses. It is like shouting aloud in a room to speak to all present persons at once, without knowing their names. This is broadcasting. We use it often, not just if intentionally want a message to be delivered and processed by all other stations, but also in times when we want the message to be processed only by a single specific device - but we do not know the address of that device, so the only solution is to send the message to everyone and hope that the specific device receives the broadcast as well. Think of DHCP, for example: a client that has just started does not know the address of the DHCP server. The only way of contacting it is to send the DHCP datagrams as broadcasts, hoping that apart from other clients that will receive these DHCP messages (and ignore them), they will also be received by a DHCP server who will then respond.
  Because datagrams commonly used in our networks, either frames or packets, have only a single "Destination Address" field, you cannot list all possible recipients in that field of a single frame to make sure that everyone receives it. Instead, a specific pre-defined address is used in place of the destination address field, indicating that this is a broadcast datagram intended to be received and processed by everyone.
  On Ethernet, the broadcast MAC address is FF:FF:FF:FF:FF:FF
  In IPv4, a so-called limited broadcast address is 255.255.255.255. Packets destined to this address are never routed through a router.
  In IPv4, each network and subnet has its specific broadcast address that is also called a directed broadcast. For example, the 192.168.1.0/24 network has the broadcast address of 192.168.1.255. The 10.0.8.64/29 network has the broadcast address of 10.0.8.71. These broadcast addresses are called directed broadcasts because they can actually be used to send broadcasts from a different source than the network itself: From any location, I can send packets destined to 192.168.1.255 and they will initially be routed normally just like any other IP packets but when they reach a router on which a network is directly attached for which the 192.168.1.255 would be a broadcast address, these packet might be forwarded into that network as broadcasts.
  There is a relation between broadcast MAC and IP addresses. As you know, when unicast IP packets are sent over an Ethernet network, they are encapsulated into Ethernet frames and the destination MAC is resolved using the ARP protocol. With a packet destined to a broadcast IP address, there is an exception: the IP stack knows immediately that the packet shall be encapsulated into frames with the destination MAC of FF:FF:FF:FF:FF:FF.
  It is worth noting that the broadcasting is primarily a function of Layer2. It is the Ethernet that allows sending a single datagram and have it delivered to all stations within an Ethernet domain (LAN or VLAN). You could have your IPv4 driver generate broadcast packets but they must still be encapsulated into Layer2 frames, and if the particular Layer2 technology does not support broadcasts on its own, you simply don't have it. The only thing you can do is to send multiple Layer2 frames carrying the same broadcast IP packet, with the Layer2 frames being addressed to each connected station in turn. You would emulate the broadcast in this way, but it is not a true broadcast.
  My two cents...
  Best regards,
  Peter

• Why is i tunes gift card not going to email address I sent it to ?

  I tunes gift card not going to email address I sent it to. Why ?

  Sorry, I must have missed your last response, but can you calrify what feature do you want to use in FormsCentral? There are email receipts and email notifications. If you want the user to receive a copy of the date he entered in the form, then the user needs to enter an email address in the form and submit the form, but if you want the user to receive all responses he and others submit to a form, then it's email notification. It sounds like email receipts in your case. For email receipts to work, you need to have an email field in your form and set up Email Receipts in the options tab, by selecting the email field in the "To:" field.

• Redirect based on source IP address????

  I have a site that I don't want our competitors to view! By
  tracking code, I have managed to obtain their source IP addresses.
  After looking around, there is a .php solution to my problem
  but my host is not well suited to .php files (although it does some
  processing).
  My pages are in .shtml (to process css drop-down menus
  correctly) and I understand that this attached code, if put at the
  top of the page before anything else, will work.
  I have managed to get one working
  http://www.donbur.co.uk/gb/newindex.php
  but am having difficulty getting this code to work elsewhere.
  The problem is, when I try to put this code into either a
  template or as an include, it won't process correctly or the page
  won't render at all.
  Do I have to use .php files or can I insert php script into
  an .shtml document.
  Getting really confused now.... HELP

  Thanks for the constructive advice...
  quote:
  >After looking around, there is a .php solution to my
  problem but my host is not well
  >suited to .php files (although it does some processing).
  What does this mean? Does your hosting plan include php
  support or not?
  You can't just put a php script into any page. It needs to be
  a .php page or you need to reconfigure the server to parse other
  pages for php. But if your hosting plan doesn't support php then it
  won't work in any case.
  My host is BT Internet and they claim not to process .php
  files which is why our main .php site is hosted elsewhere; however,
  it seems that, although it has difficulty (to clarify: doesn't
  render) with main full scripts, it does seem to process simple
  <?php echo commands for example.
  It has been suggested on another forum that the .shtml files
  are set to be recognised by .php in the cpanel but our host will
  not do this...
  Our competitors are not particularly smart or up-to-date and
  this would have been reasonably effective; however, I bow to better
  judgement and close this topic.

• Doing Source IP address NAT. Using 1 address vs using many

  I have a few implimentations where I am using source groups to do NAT on the client's source IP address. It is possible to always translate the source IP address to the same one, or to have it be different depending on the content rule you hit.
  Is there any advantage of one over the other?

  Thanks for the thoughts. I am aware of the content rule limitation, and actually, (depending on your definition of PAT vs NAT) the CSS can do NAT of the source IP address using source groups and an ACL. It can translate the source IP address of an incoming packet from a client into a different IP address. You don't really have a pool of addresses like you do on a Cisco router, you can specify a single IP address to translate the source address to, or different ones depending on the content rule you hit, so it is kind of like NATing with overload on a router. I am doing it now.
  The basic steps for doing NAT on the source(I.E.-Client's) IP address are:
  group [groupx]
  ip address [source address you want to change client IP to]
  active
  acl 1
  clause 10 permit any any destination [VIP of content rule] sourcegroup [groupx]
  apply circuit-(VLANx)
  If the inbound packet on VLANx matches all the criteria in the clause statement, the "sourcegroup" part of the clause statement links you to the ip address that you want to NAT your client's source address to.
  You can build on this and make it as fancy as you like, even translating the source address to different addresses depending on the content rule you hit. I'm just wondering if there is an advantage of using many different IP addresses over using just one.

• WS-Addressing not sent?

  First a few files (at http://www.eeweep.be/bpel).
  -validator.wsdl is the wsdl for my webservice (the version at runtime has the endpoint url filled in of course)
  -validatorWrapper.wsdl adds partnerlink
  -ValidatorTest.bpel is the bpel proces
  -ValidatorTest.wsdl is the wsdl of the bpel proces
  Because the operation in the webservice can take a few hours, we decided to make it asynchronous. The problem is the WS-Addressing info is not included in the soap header when sent to the webservice. I know it is possible because the Taskmanager service does get the WS-Addressing sent.
  Can anyone tell me what I'm doing wrong?

  Hi, did you find the answer to this problem? I'm expriencing the exact same problem. No WS-Addressing is sent in the SOAP Header.

• What is SMTP address?

  Anybody could u tell what is SMTP address?
  Thanks in advance.

  jschell wrote:
  Vinodha wrote:
  Anybody could u tell what is SMTP address?It is an address for SMTP of course.I'm not sure I have ever seen "SMTP address" used as a technical term. Maybe it's one of those phrases like "e-mail ID" which are loosely used in some parts of the world instead of the standard phrases.

• The maximum number of connections per source ('20') for this connector has been reached by this source IP address

  Receive connector 'Connector Name' rejected an incoming connection from IP address "IP of our load balancer". The maximum number of connections per source ('20') for this connector has been reached by this source IP address.
  I understand that I can up the limit - however, I'm wondering if there is a way to up the limit for ONE specific IP (our load balancer)
  TAG

  It does not look like you can up the limit for a specific IP but you might be able to create a separate receive connector for that IP address (and then change the limit).
  That is just a thought. Others may have more input on why you may or may not want to do that in practice.
  What SMTP traffic would not be coming from the load balancer?
  Is the objective to *not* allow some other (possibly malicious) source from creating excessive connections to the server?
  Otherwise, this is a good discussion about the different parameters that must be considered if you do decide to adjust the values (changing one may not suffice):
  http://letsexchange.blogspot.com/2012/04/receive-connector-rejected-incoming.html
  Nuno Mota's blog (MVP)
  Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

• Multiple sources for address book

  Is there a way to keep different sources for addresses separate and discrete in Address Book? For instance, we have our own addresses from iCloud, but I also have addresses coming from Google Mail. We've worked hard to keep the iCloud ones updated and "clean", whereas the Google Mail ones are a bit messier. Is there a way to keep them distinct when importing/subscribing from Address Book? Or, does all the information end up getting merged?
  Thanks,
  John

  Hi,
  Pete_Sg1 wrote:
  I need to write a query whiich returns book details but it should identify records (ie. Titles) with multiple authors and return the record with Authors separated with pipe ('|') like (no need of SURRID column )Get there : {message:id=9360005}
  and scroll down to "string aggregation"
  Pete_Sg1 wrote:
  A table storing book details can only be designed like above. Right ? I mean, the duplication of records for one book because of multiple authors cannot be avoided. Right ? I would have had a table for books, and a separate one for authors, and a 3rd one for their relations :
  create table books
  book_id integer,
  title varchar2(100),
  etc...
  create table authors
  author_id integer,
  name varchar2(100),
  etc...
  create table book_authors
  book_id integer,
  author_id integer
  );You could also have only 2 tables book and authors (with authors table having a fk column to book_id).
  It would depends if the author is supposed to remain unique throught different books.
  - The 3 tables model would allow a single update on author information to be automatically "propagated" to all book he participed in.
  - The 2 tables model would allow to have different information for each participation of the author to different books (but would certainly "duplicate" part of the data about the author)
  One can also have even more tables to totally avoid data "duplication".

• What is the address for warranty returns

  We had an issue with a lightning cable and were sent a new one under warranty, well my three year old decided to cut up the envelope and return address label for the old cable to be returned. What is the address to send this back?

  This is where I mailed gear for service.  I'm assuming it is the same address for walk-ins
  15955 Alton Parkway
  Irvine, CA 92618