Our network is all Static IP's in the 10.10.xx.xx range. The other day a problem was arrising with one of our domains.
When pinging MNBlah domain, we'd get replies from some 169.254. address (i forget last 2 octects). I'm no Microsoft Admin, but the SA went in and deleted some entry in the DNS control screen (sorry I'm not more descriptive) that should not have been there, and which he didn't think anyone added manually.
Instantly upon deleting this, pinging MNBlah domain returned the correct 10.10.xx.xx address and clients were able to login once again.
My question is: How in the world does this happen? I always thought that the dreaded 169.254 address was not routable, something like that 127. range, but I guess I'm completely off. And how would this rogue computer become the highest authority in the MNBlah domain?!
Is there something I can do Layer3 wise that would put a halt to any 169.254 traffic?
Just because the 169.254.x.x range should not be routable does not mean that it can't be routed. That probably sounds like a paradox but is not really so... A router will not implicitly deny the routing of the 169.254.x.x network unless you explicitly configure it not to. Therefore, in a poorly configured network, this network can very well be routed. That is what you were seeing... you can configure ACLs on your routers to deny this and other networks that you don't want routed.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...