
Re: LVS-DR and IP Spoofing

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-DR and IP Spoofing
From: Horms <horms@xxxxxxxxxxxx>
Date: Wed, 14 Jul 2004 11:47:41 +0900
On Tue, Jul 13, 2004 at 07:23:01PM -0400, Mog wrote:
> hello to all,
> 
> I have a question concerning LVS-DR and IP Spoofing. Let me briefly
> explain the situation.
> 
> First, I am a DSL user and I wish to multiplex my traffic over two or
> three DSL lines. I decided to accomplish a spoofing test with some
> hand-crafted forged packets on my actual ISP network and it succeeded
> for packets being sent with a different source address than my current
> static IP that were inside or outside of my ISP allocated range (which
> probably means that I am on the good way).
> 
> I decided to find another ISP willing to help in order to accomplish a
> crosstalk between both ISPs. Their response was their own providers
> (bell, sprint etc..) will not allow non-sanctioned IP to be sent through
> their network. They say they (bell, sprint etc..) use filters to stop
> some range of IPs from passing through. They would probably take an
> agreement for a whole class C address but not for a single IP.
> 
> According to my previous readings on this list and the LVS How-to (and
> from what I understand) it's only a question of my ISP router config,
> not their own upstream provider...
> 
> What are your thoughts on this ?

I think that the explanation of your ISP is quite plausible.
I would not be at all surprised if the backbone providers
have filtering in place for a variety of reasons. And if this
is the case, your packets can't travel over their networks,
and you have a problem.

The real solution is to get your own IP addresses and advertise them
to all the providers that you are connected to. Unfortunately,
this tends to be a rather costly procedure.

-- 
Horms
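
An added illustration, not part of the original thread: a small model of source-address filtering along each ISP's egress path, showing where a packet sourced from one ISP's range is dropped when sent out through the other, and why a block accepted by all providers passes. The prefixes (RFC 5737 documentation ranges), hop names and the `FilterHop`, `first_drop` and `build_paths` helpers are all constructed for this example.

```python
"""Source-address validation along an egress path (constructed example)."""
import ipaddress

# Constructed prefixes taken from the RFC 5737 documentation ranges.
ISP_A_POOL = ipaddress.ip_network("192.0.2.0/24")     # addresses ISP A hands out
ISP_B_POOL = ipaddress.ip_network("198.51.100.0/24")  # addresses ISP B hands out
OWN_BLOCK = ipaddress.ip_network("203.0.113.0/24")    # the site's own address block


class FilterHop:
    """A router that forwards only packets whose source is in an allowed prefix."""

    def __init__(self, name, allowed):
        self.name = name
        self.allowed = list(allowed)

    def permits(self, src):
        addr = ipaddress.ip_address(src)
        return any(addr in net for net in self.allowed)


def first_drop(src, path):
    """Name of the first hop that drops a packet sourced from src, else None."""
    for hop in path:
        if not hop.permits(src):
            return hop.name
    return None


def build_paths(isp_edge_filters, advertised=()):
    """Egress path through each ISP, as a list of filtering hops.

    isp_edge_filters: whether the ISP's own router validates sources.
    advertised: extra prefixes every provider on the path has agreed to carry.
    """
    extra = list(advertised)
    paths = {}
    for isp, pool in (("A", ISP_A_POOL), ("B", ISP_B_POOL)):
        hops = []
        if isp_edge_filters:
            hops.append(FilterHop(f"ISP {isp} edge", [pool] + extra))
        hops.append(FilterHop(f"ISP {isp} upstream", [pool] + extra))
        paths[isp] = hops
    return paths


if __name__ == "__main__":
    for name, path in build_paths(isp_edge_filters=False).items():
        print(f"192.0.2.10 via ISP {name}: dropped at {first_drop('192.0.2.10', path)}")
```

With `isp_edge_filters=False` the local ISP forwards the mismatched source and the drop happens one hop further up, which is the case the second ISP described.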