On 09/02/2018 01:37 AM, David Christensen wrote:
On 09/01/2018 04:05 AM, Stephen P. Molnar wrote:
On 08/31/2018 10:41 PM, David Christensen wrote:
On 08/31/2018 12:50 PM, Stephen P. Molnar wrote:
I am running Debian Stretch on my Linux platform.
I have noticed low internet traffic when I have not been doing
anything outside of my LAN. This has made me a tad suspicious.
Now:
root@AbNormal:/home/comp# ifconfig
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 162.237.98.238 netmask 255.255.252.0 broadcast
162.237.99.255
ether bc:ee:7b:5e:83:36 txqueuelen 1000 (Ethernet)
RX packets 796401 bytes 529829454 (505.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 236054 bytes 22520861 (21.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 399 bytes 42360 (41.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 399 bytes 42360 (41.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
It turns out that this ISP, 162.237.98.238 is my ISP, AT&T here in
Columbus, Ohio.
The other four nodes on my LAn all have IP's starting with
192.168.1 - which is what it's supposed to be.
Just what is going on here? I don't have a clue.
I dop have firewalls implemented on both the modem and the computers.
Any insights will be much appreciated.
Thanks in advance.
Running nslookup(1):
2018-08-31 18:53:21 dpchrist@vstretch ~
$ nslookup 162.237.98.238
Server: 192.168.5.1
Address: 192.168.5.1#53
Non-authoritative answer:
238.98.237.162.in-addr.arpa name =
162-237-98-238.lightspeed.clmboh.sbcglobal.net.
Authoritative answers can be found from:
Running host(1):
2018-08-31 18:58:15 dpchrist@vstretch ~
$ host 162.237.98.238
238.98.237.162.in-addr.arpa domain name pointer
162-237-98-238.lightspeed.clmboh.sbcglobal.net.
162.237.98.238 appears to be a valid IPv4 public Internet address.
You should have a device provided by your Internet service provider
(ISP) between their wiring (e.g. telephone service) and your wiring
(e.g. Ethernet local area network/LAN). What is the make and model
of the ISP device? Please provide a URL to the product support page.
What are the "other four nodes"?
How is everything interconnected?
David
Thanks for your reply.
ISO device is an Arris BGE210-700 Broadband Gateway Release 1.0 from
AT&T (http://www.arris.com/Search/?q=Arris+BGE210-700+Broadband+Gateway)
Wired Connections: 2 Desktops, printer and VOIP telephone
Wireless Connections: Laptop and two Android Smartphones
root@AbNormal:/home/comp# nslookup
> nslookup -a
Server: 192.168.1.254
Address: 192.168.1.254#53
Non-authoritative answer:
Name: nslookup
Address: 198.105.244.130
Name: nslookup
Address: 104.239.207.44
>
> host
Server: 192.168.1.254
Address: 192.168.1.254#53
Non-authoritative answer:
*** Can't find host: No answer
>
It appears that your ISP gateway device is configured to pass through
it's Internet address (and all incoming packets) to the computer in
question. This is a feature that allows a server behind the gateway
to be visible on the Internet.
Enabling or disabling gateway features is a matter of browsing to the
gateway's IP address (192.168.1.254?) and operatingthe web control panel.
I have a Pace Plc Model 5268AC, also through AT&T. The relevant
control panel page for putting a server on the Internet would seem to
be Settings -> Firewall -> Applications, Pinholes and DMZ. I would
pick a computer and then select "Allow all applications (DMZplus
mode)" to turn the feature on. The feature is currently off, so I
don't know how I would turn it off.
If you can't figure out the control panel for your gateway, contact
your ISP.
David
Thanks for your reply.
The Firewall Passthrough is set to Allocation Mode set to 'Passthrough
with the Passthrough Mode set to 'DHCPS-dynamic '.
It's my intention to change the Allocation Mode to 'Off', as soon as I
talk to AT&T Tech Support to make sure that doesn't mess things up.
--
Stephen P. Molnar, Ph.D.
Consultant
www.molecular-modeling.net
(614)312-7528 (c)
Skype: smolnar1
