Megas Posted May 31, 2012

Anyway, I decided to just take a look. I brought up a VLAN on the server, nothing special, and ran tcpdump on it. Here is what I see:

0 max 20 hello 2 fdelay 15
15:57:05.708808 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:06.244028 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:06.708848 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:07.243942 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:07.300316 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:07.708816 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:08.170368 54:04:a6:c8:43:90 > Broadcast, ethertype ARP (0x0806), length 60: arp who-has 192.168.0.254 (Broadcast) tell 192.168.0.121
15:57:08.243914 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:08.358784 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:08.358975 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:08.359087 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:08.717799 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:09.243918 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:09.299894 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:09.717746 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:10.244004 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:10.717775 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:11.244019 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:11.299611 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:11.388816 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:11.389001 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:11.717827 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:11.733988 b0:48:7a:dd:b5:d9 > Broadcast, ethertype ARP (0x0806), length 60: arp who-has 192.168.0.93 tell 192.168.0.93
15:57:12.243993 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:12.717788 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:12.833708 00:0a:48:08:87:b3 > Broadcast, ethertype ARP (0x0806), length 60: arp who-has 192.168.0.101 tell 192.168.0.101
15:57:13.243987 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:13.299643 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:13.717857 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:14.245113 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:14.371462 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:14.717862 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:15.245074 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:15.299430 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:15.378202 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:15.717789 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:16.245054 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:16.383249 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:16.717782 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:17.245079 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:17.300032 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:17.717781 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:18.178445 54:04:a6:c8:43:90 > Broadcast, ethertype ARP (0x0806), length 60: arp who-has 192.168.0.254 (Broadcast) tell 192.168.0.121
15:57:18.245116 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:18.602880 00:1f:e2:06:14:94 > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.112.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115

I can't figure out what STP is doing here.

DGS-3120-24SC:admin#show stp ports 8
Command: show stp ports 1:8

 MSTP Port Information
 ----------------------
 Port Index : 1:8 , Hello Time: 2 /2 , Port STP : Disabled ,
 External PathCost : Auto/20000 , Edge Port : False/No , P2P : Auto /No
 Port RestrictedRole : False, Port RestrictedTCN : False
 Port Forward BPDU : Disabled
 MSTI   Designated Bridge   Internal PathCost  Prio  Status      Role
 -----  ------------------  -----------------  ----  ----------  ----------
 0      N/A                 20000              128   Forwarding  NonStp

Also, how can I trim off everything unnecessary? This wandering junk bothers me; the server is on Linux.

terrible Posted May 31, 2012

The subscriber is broadcasting; ignore it if it causes no problems. Just in case, it is better to isolate clients from one another. And set edge true on the client ports, if you are using STP, of course.

alanw Posted June 1, 2012

If the client is served from the DGS-3120-24SC, use ACLs; on D-Link they are surprisingly good. As a result you can block everything except ARP requests, 0x0806 (basically the only useful broadcast request, if the client is not supposed to get anything besides Internet access). There are plenty of examples on this forum of how to configure D-Link ACLs. Good luck :)
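
An added example, not part of alanw's post or the thread: a dry run of the "only ARP among broadcasts" rule over `tcpdump -e` lines copied from the capture in the first post, showing which source MACs would be filtered. The function names are hypothetical, and the policy is an assumption that extends the rule to all group-addressed frames (broadcast, multicast and 802.3/LLC frames such as the BPDUs).

```python
import re
from collections import Counter

# Lines copied from the tcpdump -e capture in the first post.
SAMPLE = """\
15:57:05.708808 14:d6:4d:a7:db:aa > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.43.54953 > 255.255.255.255.7533: UDP, length 26
15:57:06.244028 00:25:22:b9:d5:e2 > Broadcast, ethertype IPv4 (0x0800), length 68: 192.168.0.31.megaregsvrport > 255.255.255.255.7533: UDP, length 26
15:57:07.300316 00:1b:21:af:e5:6d > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), ssap STP (0x42), cmd 0x03: 802.1d config 8000.00:1b:21:af:e5:6d.8011 root 8000.00:1b:21:af:e5:6d pathcost 0 age 0 max 20 hello 2 fdelay 15
15:57:08.170368 54:04:a6:c8:43:90 > Broadcast, ethertype ARP (0x0806), length 60: arp who-has 192.168.0.254 (Broadcast) tell 192.168.0.121
15:57:08.358784 14:d6:4d:a7:db:aa > 01:00:5e:40:00:00, ethertype IPv4 (0x0800), length 157: 192.168.0.43.plysrv-https > 239.192.0.0.plysrv-https: UDP, length 115
15:57:11.733988 b0:48:7a:dd:b5:d9 > Broadcast, ethertype ARP (0x0806), length 60: arp who-has 192.168.0.93 tell 192.168.0.93
"""

FRAME = re.compile(
    r"^\S+ (?P<src>[0-9a-f:]{17}) > (?P<dst>[^,\s]+), "
    r"(?:ethertype \S+ \((?P<etype>0x[0-9a-f]{4})\)|802\.3), length \d+:"
)
ARP = 0x0806

def parse_line(line):
    """Return (src, dst, ethertype) or None; ethertype is None for 802.3/LLC."""
    m = FRAME.match(line)
    if not m:
        return None
    etype = int(m["etype"], 16) if m["etype"] else None
    return m["src"], m["dst"], etype

def is_group(dst):
    """Broadcast or multicast: I/G bit set in the first octet of the address."""
    return dst == "Broadcast" or bool(int(dst[:2], 16) & 1)

def permitted(frame):
    """Assumed policy: group-addressed frames pass only if they are ARP."""
    _src, dst, etype = frame
    return not is_group(dst) or etype == ARP

def dropped_by_source(text):
    """Count frames per source MAC that the policy would drop."""
    drops = Counter()
    for line in text.splitlines():
        frame = parse_line(line)
        if frame and not permitted(frame):
            drops[frame[0]] += 1
    return drops

if __name__ == "__main__":
    for mac, n in dropped_by_source(SAMPLE).most_common():
        print(mac, n)
```

Feeding it a longer capture taken on a client-facing port before the ACL is applied shows which subscribers generate the noise and confirms that only their ARP would still pass.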

lan-viper Posted June 3, 2012

> There are plenty of examples on this forum of how to configure D-Link ACLs.

If only they were collected in one place...

pppoetest Posted June 4, 2012

There was a thread somewhere specifically for collecting D-Link ACLs for cutting out junk at the access layer

lan-viper Posted June 5, 2012

> There was a thread somewhere specifically for collecting D-Link ACLs for cutting out junk at the access layer

Is this it?
config dlink 3028/3200-28
Sharing configs of D-Link access switches