Firewall Wizards mailing list archives
Re: Duplicate Public IP Addresses?
From: "Mark" <firewalladmin () bellsouth net>
Date: Fri, 8 Jan 2010 17:49:17 -0500
The only thing I would add too what Paul said is that the hosts on the same network (the private network that was incorrectly using the example 80.x.x.x range) would end up using server B, as "local" traffic would not be routed to it's default gateway. -----Original Message----- From: firewall-wizards-bounces () listserv icsalabs com [mailto:firewall-wizards-bounces () listserv icsalabs com] On Behalf Of arvind doraiswamy Sent: Friday, January 01, 2010 10:11 AM To: Firewall Wizards Security Mailing List Subject: [fw-wiz] Duplicate Public IP Addresses? Hey Guys, Maybe this is a bit of a basic question but I thought I'd ask here all the same. Please let me know if this is too Non Firewall to be posted :) Over the years a lot of clients have used Public IP addresses on an Internal network. So there's whole internal ranges with 80.x.x.x . Now almost all of those systems do not have publicly reachable services at all. Lets also assume that there is some website somewhere which has the 80.x.x.x IP address assigned to it and people DO visit it and use its "services". All ok so far. What though if the internal network suddenly decided to make one of his systems a web server , put a site onto it and pushed it on to the Internet with the same 80.x.x.x address that was assigned to the server when it was part of the Internal Network? Effectively it means that now.. 2 servers ; the original web server (A) and the new web server (B) both have an IP of 80.x.x.x (SAME). Now I haven't done this practically and checked what will happen , but I have a few questions in mind. a) What happens to all the traffic going to A? Does it still go there or do clients of A get redirected to B? b) What about B wrt Question a) ? c) What about DNS servers everywhere? What IP addresses will they cache and how will they ensure that people are "routed" correctly? d) Isn't this a very easy DOS condition? Anyone just changes IP , registers with their own DNS and sits back and waits? Am I missing something? It just seems to easy to do..so I thought I'd post here and get educated :) Thnx Arvind _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Duplicate Public IP Addresses? arvind doraiswamy (Jan 07)
- Re: Duplicate Public IP Addresses? Paul D. Robertson (Jan 07)
- Re: Duplicate Public IP Addresses? Orca (Jan 08)
- Re: Duplicate Public IP Addresses? Mark (Jan 08)