This has been discussed before, check the list archives. Some=
representative
articles are:
http://www.livingston.com/tech/archive/portmaster-users/9802/1459.html
http://www.livingston.com/tech/archive/portmaster-users/9801/1481.html
Bottom line --- quite a few people have complained about it, but so far
Lucent (and Livingston before them) has shown no interest in changing
this behaviour in ComOS. Instead, their answer is that you should
create a filter on the ethernet port so that outbound traffic is
dropped if the destination is an address within your assigned pool.
As a simple example, if you have an assigned address of 192.168.1.128,
and a pool size of 48, you could do the following:
add filter ether.out
set filter ether.out 1 deny 0.0.0.0/0 192.168.1.128/27
set filter ether.out 2 deny 0.0.0.0/0 192.168.1.160/28
set filter ether.out 3 permit 0.0.0.0/0 0.0.0.0/0
set ether0 ofilter ether.out
save all
Rule 1 stops bounced packets for the first 32 addresses
in the pool, rule 2 stops bounced packets for the next 16.
If you have other filtering needs for the ethernet interface,
you could incorporate the above into that filter.
I still think Lucent should change ComOS so that it returns
an appropriate ICMP message when this happens. This issue
comes up on a regular basis, and although it -can- be worked
around with an appropriate filter, there are obviously a lot
of people who don't know about this until they notice it
causing problems and investigate it.
What is the best/preferred way to officially request a ComOS
RFE from Lucent?
Michael Bryan
pmu@ursine.com
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>