#1  
Old 11-August-2009, 01:29
Odyssey Odyssey is offline
Screamager
 
Join Date: Dec 2001
Posts: 190
Default Fibre Optical issue

I read about the results of a ipconfig /all command where the result showed:

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . : adcd.com
Description . . . . . . . . . . . : KTI ET32/Px Series PCI Ethernet Adapter
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.105
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Sunday, August 09, 2009 3:35:30 AM
Lease Expires . . . . . . . . . . : Sunday, August 16, 2009 3:35:30 AM

The commentary was:

"hmm; the ISP router is at 192.168.0.1
and your system is on the same subnet 192.168.0.*
as 192.168.0.105

This means you have no NAT isolation from any of the other 253 systems attached to 192.168.0.1

Normally we get a public address like 76.183.108.74 assigned to our first device
and the NAT creates lan addresses like 192,168,0.* and DHCP gives us the ISP gateway like 76.183.xxx.1; Any attempt to make a direct attack *must* be able to perform Nat Traversal , which is not trivial.

With your IP on the same subnet as the gateway, Nat Traversal is not required
and your Sole protection to a direct attack is your Firewall"

This is exactly the sort of return that I get on my windoze computers and I am concerned about this lack of "Nat Traversal" in my system. Why would a fibre optic connection show up like this? Isn't the 192.168.0.1 address that of the converter that sits outside the house? If I run:

www.myipaddress.com

I get a typical 68.97.xx.xx reply.

Why would the ip address show up as a 192.x x.105 address?

I'm confused. Help please.
Reply With Quote
  #2  
Old 11-August-2009, 08:38
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

well not seen "The commentary" but the output from ipconfig /all looks totally normal / correct for a NAT setup

IP Address. . . . . . . . . . . . : 192.168.0.105 *this is the PC you are on
Subnet Mask . . . . . . . . . . . : 255.255.255.0 *local subnet
Default Gateway . . . . . . . . . : 192.168.0.1 *the router IP (LAN / safe side)
DHCP Server . . . . . . . . . . . : 192.168.0.1 *local router again - it's doing DHCP
DNS Servers . . . . . . . . . . . : 192.168.0.1 *local router is doing DNS proxy for LAN

there's no reason to think given the above there is anything strange or that you don't have a correct NAT setup

the way to check is to do a tracert (ipconfig is only telling you about LAN)

Code:
C:\>tracert www.google.com

Tracing route to www.google.com [209.85.229.103] over a maximum of 30 hops:

  1   <10 ms   <10 ms   <10 ms  myrouter [192.168.0.1]
  2    68 ms    60 ms    60 ms  isp.internet.net [87.xx.xx.xx]

etc
the first hop after my router is the internet (or a non-private address space) so my LAN / subnetwork stops at the router as you'd expect for a NAT setup
Reply With Quote
  #3  
Old 11-August-2009, 08:41
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

NAT requires you are routing between 2 networks, since 192.168.xx is private space (LAN) it's very likely the other side of the router (WAN side) is the internet - which is what you'd expect

http://en.wikipedia.org/wiki/Network...ss_translation or perhaps http://www.howstuffworks.com/nat.htm
Reply With Quote
  #4  
Old 11-August-2009, 15:58
Odyssey Odyssey is offline
Screamager
 
Join Date: Dec 2001
Posts: 190
Default Re: Fibre Optical issue

Thanks for yours, very helpful.

As to "The Commentary", the quote above, i.e.:

"hmm; the ISP router is at 192.168.0.1
and your system is on the same subnet 192.168.0.*
as 192.168.0.105

This means you have no NAT isolation from any of the other 253 systems attached to 192.168.0.1

Normally we get a public address like 76.183.108.74 assigned to our first device
and the NAT creates lan addresses like 192,168,0.* and DHCP gives us the ISP gateway like 76.183.xxx.1; Any attempt to make a direct attack *must* be able to perform Nat Traversal , which is not trivial.

With your IP on the same subnet as the gateway, Nat Traversal is not required
and your Sole protection to a direct attack is your Firewall"

was the entire commentary.

I believe I now know the source of my confusion (and I may well have confused you). From memory, every time I run ipconfig at the office, the dns server (and maybe the DHCP server?) is a non-private address. In my mind, I "transposed" the ip address reference given in the quoted commentary with "dns server". The dns server address in the previous post was "DNS Servers . . . : 192.168.0.1" and this is a private address. So what I want to understand is why in this instance is a private address showing up as the dns server address?

If indeed I did confuse you as well, is the above an/the issue?

I am having a read of your references trying to get myself a bit better educated so I can understand this stuff better.
Reply With Quote
  #5  
Old 11-August-2009, 16:03
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

see above

IP Address. . . . . . . . . . . . : 192.168.0.105 *this is the PC you are on
Subnet Mask . . . . . . . . . . . : 255.255.255.0 *local subnet
Default Gateway . . . . . . . . . : 192.168.0.1 *the router IP (LAN / safe side)
DHCP Server . . . . . . . . . . . : 192.168.0.1 *local router again - it's doing DHCP
DNS Servers . . . . . . . . . . . : 192.168.0.1 *local router is doing DNS proxy for LAN
the DNS server setting points to the router, this is common / normal as the router itself is proxying the DNS requests, the PCs on your network ask the router and the router then sends the DNS request outside of the network (normally to the ISPs DNS servers it was provided with when it was given it's internet IP via DHCP )
Reply With Quote
  #6  
Old 11-August-2009, 16:09
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

This means you have no NAT isolation from any of the other 253 systems attached to 192.168.0.1

Normally we get a public address like 76.183.108.74 assigned to our first device
and the NAT creates lan addresses like 192,168,0.* and DHCP gives us the ISP gateway like 76.183.xxx.1; Any attempt to make a direct attack *must* be able to perform Nat Traversal , which is not trivial.

With your IP on the same subnet as the gateway, Nat Traversal is not required
and your Sole protection to a direct attack is your Firewall"
this commentary is either wrong, just confusing or is in relation to something other than a normal home setup

if you run ipconfig /all on one of the LAN (home network) PCs you will see (and only see) private space IP addresses (e.g. 192.168.xx) seeing anything else (like a public / internet IP) is not normal as the "other 253 systems" are all the potential other PCs you might have connected to your home network

the routers job is to route data between the two networks private lan (eg 192.168.xx) and the internet,. if you had internet IPs inside the network (LAN side of router) then the router would not be doing what it is supposed to do,. the WAN side of the router (internet side) will be an internet IP,. between the WAN and LAN is the NAT - the gateway IP for the LAN side will be (must be) the LAN side IP address of the router
Reply With Quote
  #7  
Old 11-August-2009, 16:43
Odyssey Odyssey is offline
Screamager
 
Join Date: Dec 2001
Posts: 190
Default Re: Fibre Optical issue

Great explanation. I think I have it now and my recollection (notoriously bad memory) was doubtless in error.

I have two little questions that you just might be able to provide an answer to.

1) On some computers, when you are in the command shell, you can press the up or down key and it will bring up a stack of the recently issued commands. On other computers this doesn't work. Do you know why?

2) In browsing other forums to look at the ipconfig results from other users, I noticed that many of them using xp home have a very long and detailed output, such as:

"Windows IP Configuration

Host Name . . . . . . . . . . . . : s-d68a1390ea494
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom 802.11a/b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-8B-9F-CA

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82562GT 10/100 Network Conn
ection
Physical Address. . . . . . . . . : 00-1A-4B-68-09-59
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 165.66.6.6
Subnet Mask . . . . . . . . . . . : 255.255.0.0
IP Address. . . . . . . . . . . . : fe80::21a:4bff:fe68:959%5
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 166.66.6.16
165.66.6.17
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%6
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6to4 Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6to4 Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : A5-42-06-06
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 2002:a542:606::a542:606
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : A5-42-06-06
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:165.66.6.6%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled"

There appears to be some sort of tunneling going on. In overview, what is all this about? TIA
Reply With Quote
  #8  
Old 11-August-2009, 17:17
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

regards pressing the up key and getting the previously issued commands it totally depends on the operating system and the shell that's in use,. on windows I think if you type in doskey it will allow it to work (though I thought it was default on newer windows installs) - on linux it depends on the shell and the settings, best to start another topic in the linux forum about that

the ipconfig /all command tells you about all the interfaces (like a network card) that are available, and 'virtual interfaces' also so really the other stuff depends on what else the user has installed,. a lot of software VPN solutions use virtual interfaces and also machines setup with a vmware type stuff have some kicking about,

tip really if you see something you want to know more about put it into google and something useful normally turns up http://www.google.co.uk/search?q=Tun...redo+Tunneling
Reply With Quote
  #9  
Old 11-August-2009, 17:30
Odyssey Odyssey is offline
Screamager
 
Join Date: Dec 2001
Posts: 190
Default Re: Fibre Optical issue

Sil, thanks for the tip. I use google for finding answers several times every day, along with frequent stops at wikipedia.

The question about the shell was in reference only to Windoze computers. Is doskey a shell command? [edit] I entered it at the command line and it paused, then gave me back the cursor as if it had executed the command, but the up/down key still doesn't bring up the previous commands.

I recognize that I was leaning on you for answers to both questions, but I expected that the answer to both would be short, as they were, and I am very grateful for your patience. I know I could google up the answers eventually, but while I had the attention of someone that I was dead certain knew the answers......

Last edited by Odyssey; 11-August-2009 at 17:37.
Reply With Quote
  #10  
Old 11-August-2009, 17:36
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

http://www.google.co.uk/search?q=doskey

well I might have an answer - whether is it the correct answer is another matter

I'm pretty certain the stuff about NAT above where I said "this commentary is either wrong, just confusing or is in relation to something other than a normal home setup" - it's the former,. I really can't see why (or how) LAN PCs would have their gateway set to an internet IP address - I have only ever seen the gateway set to the LAN side IP of the router (except where someone messed up their settings!)
Reply With Quote
  #11  
Old 11-August-2009, 18:41
Odyssey Odyssey is offline
Screamager
 
Join Date: Dec 2001
Posts: 190
Default Re: Fibre Optical issue

Another lesson relearned. I had been googling madly since my previous post but for things like "pressing up or down key doesn't bring up previous windows commands -linux -bsd -ubuntu" etc, when I should have picked up the key word "doskey". Hadn't found anything useful that way.

Having said that, my XP home computer simply does not recognize the doskey command with or without switches.

So still googling but now for "Doskey doesn't work"

Many thanks for both bits. If I learn anything useful about the ipconfig results, I will come back and post it here.

robert
Reply With Quote
  #12  
Old 11-August-2009, 20:26
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: Fibre Optical issue

how are you bringing up the dos window, one of the results said that command history is included (on already) if you use cmd.exe on the later (win2k onwards?) windows
Reply With Quote
Reply

Tags
bad, computer, connection, dead, dhcp, dns, google, googling, home, intel, internet, isp, key, line, make, nat, network, public, router, settings, software, windows, wireless

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
BT names first 29 exchanges for fibre rollout gem Broadband Internet Access 0 24-March-2009 14:49
UK homes to get super-fast fibre Scoobs News 6 03-October-2008 13:22
Fibre Optic gagea Broadband Internet Access 0 01-March-2006 13:33
Fibre Broadband Issue JaseC Broadband Internet Access 11 12-February-2005 23:07
Want 50Mb per second? Forget fibre silver Broadband Internet Access 2 12-September-2003 21:24


All times are GMT +1. The time now is 19:48.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Copyright 1999-2014 The Scream!