To clarify, Gi0/3 faces our customers, Fa1/0 faces a transit provider. These results have come from configuring "ip flow egress" on Fa1/0, facing the transit provider.
126.96.36.199 is a static IP we have assigned a customer. I know this customer has a firewall terminating this connection so I want to understand the cache flow results on this route. Why is the destination address an RFC1918 address?
Is it possible that the customers firewall is trying to connect to these addresses, the flow gets as far as this border router, and drops? I assume that to be false, and only successfully initiated flows are recorded?
Also, looking at those figures it's IP protocol 0x11 which is UDP (17) and source port 62023 to destination port 161. 161 is SNMP? Without asking the customer what they are doing I suppose I can never know at that level, but I'm really more interested in why these flows are showing at all, when 192.168.1.0/24 isn't in this routers FIB?
Yes 161 is snmp, and its UDP. One reason would be default routing. I suppose that the customer has a default route toward the firewall , and on firewall a default router toward the edge provider router. As per source the flows could be source nat-ed.
Sadly their firewall default route is to a router much closer to them, so that isn't the answer. BGP cariries them from their default routerr out of the specific border router these flows are present on.
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...