nanog mailing list archives
Re: impossible circuit
From: "Andy Johnson" <andyjohnson () ij net>
Date: Wed, 13 Aug 2008 10:42:15 -0400
The only things I can think of that might be the cause are misconfiguration in a DACS/mux somewhere along the circuit path or perhaps a mishandled lawful intercept. I don't have enough experience with either or enough access to the systems that provide the circuit to do any more than speculate. Has anyone else ever seen anything like this?
I'm not sure how a DACS/mux misconfiguration would do this. There would have to be some intelligent device grabbing those IP packets and forwarding them on to another IP router, which seems really likely.
Have you noticed any unusual shifts in pattern on the internal network of your Ocala office? I wonder if somebody decided it would be clever to start up a VPN tunnel on a host inside your network, and also set the host in promiscuous mode, forwarding every packet it gets back out that tunnel.
The only argument I can come up against this tunnel/host, is that when you changed line encapsulation modes, it went away. However, could have just dropped the tunnel or the host that was misbehaving decided it was a good time to stop.
Current thread:
- Re: impossible circuit, (continued)
- Re: impossible circuit George Carey (Aug 10)
- Re: impossible circuit Laurence F. Sheldon, Jr. (Aug 11)
- Re: impossible circuit Justin Shore (Aug 11)
- Re: impossible circuit Jay R. Ashworth (Aug 11)
- Re: impossible circuit Laurence F. Sheldon, Jr. (Aug 11)
- Re: impossible circuit George Carey (Aug 10)
- Re: impossible circuit list-nanog (Aug 12)
- Re: impossible circuit Jon Lewis (Aug 12)
- Re: impossible circuit Jon Lewis (Aug 16)
- Re: impossible circuit list-nanog (Aug 16)
- Re: impossible circuit Jay Hennigan (Aug 16)
- Re: impossible circuit Paul Wall (Aug 18)
- Re: impossible circuit Jon Lewis (Aug 12)
- Re: impossible circuit Jon Lewis (Aug 13)
- Re: impossible circuit Andy Johnson (Aug 13)
- Re: impossible circuit Jared Mauch (Aug 13)