• Home

  • Documents

  • PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP...
13

PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

  • Upload
    others

  • View
    0

  • Download
    0

Embed Size (px)

Citation preview

Page 1: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin
Page 2: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

2011-10-11 ENOG2 Arnold Nipper CTO/COO and Founder [email protected]

Proxy-Arp considered harmful

Page 3: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#3

Proxy ARP – a recap

We do not want Proxy ARP on our platform

Security tests

Configuration tests

Light levels

Counters

Page 4: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#4

A

B C

D

E

Page 5: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#5

A

B C

D

E

Page 6: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#6

A

B C

D

E

/

Page 7: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#7

A

B C

D

E

/

Page 8: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#8

A

B C

D

E

/

Page 9: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#9

A

C

D

E

/

B

Page 10: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#10

A

C

D

E

/

B

/

Page 11: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#11

The 2011-08-13 incident:

It was a Saturday.

It was peak time.

It took 3.5 hours to fix

145 customers affected

Up to 45% traffic loss

Page 12: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

#12

Countermeasures:

- Regular proactive checks to identify proxy ARP

Additional Countermeasures:

- Vendor implementation: disable default proxy ARP

- Use of dynamic ARP inspection with static bindings

Page 13: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin

Thank you Join DE-CIX now! DE-CIX Competence Center Lindleystrasse 12 60314 Frankfurt/Germany Phone +49 69 1730 902 - 0 [email protected]

28. November 2011 – DE-CIX Management GmbH #13

DE-CIX Competence Center @ Kontorhaus Building

Frankfurt Osthafen (Docklands)


Präsentation VMware

Präsentation VMware

Technology
Präsentation comenius2013

Präsentation comenius2013

Sports
ARP Commands - · PDF fileARP Commands arp dagr. arp purge-delay TodelaypurgingAddressResolutionProtocol(ARP)entrieswhenaninterfacegoesdown,usethearp purge-delaycommandininterfaceconfigurationmode.Toturnoffthepurgedelayfeature,usethenoform

ARP Commands - · PDF fileARP Commands arp dagr. arp purge-delay TodelaypurgingAddressResolutionProtocol(ARP)entrieswhenaninterfacegoesdown,usethearp purge-delaycommandininterfaceconfigurationmode.Toturnoffthepurgedelayfeature,usethenoform

Documents
S#arp Architecture Documentation · S#arp Architecture Documentation Release 2.1rc S#arp Architecture team October 10, 2016

S#arp Architecture Documentation · S#arp Architecture Documentation Release 2.1rc S#arp Architecture team October 10, 2016

Documents
Nwa Präsentation

Nwa Präsentation

Career
ARP Receive ARP packet structures ARP packets …westall/853/notes/arprecv.pdfARP Receive ARP packet structures ARP packets consist of the protocol independent header shown in blue

ARP Receive ARP packet structures ARP packets …westall/853/notes/arprecv.pdfARP Receive ARP packet structures ARP packets consist of the protocol independent header shown in blue

Documents
ARP Commands - cisco.com · arp purge-delay TodelaypurgingAddressResolutionProtocol(ARP)entrieswhenaninterfacegoesdown,usethearp purge-delaycommandininterfaceconfigurationmode

ARP Commands - cisco.com · arp purge-delay TodelaypurgingAddressResolutionProtocol(ARP)entrieswhenaninterfacegoesdown,usethearp purge-delaycommandininterfaceconfigurationmode

Documents
Präsentation winterbilder

Präsentation winterbilder

Documents
ARP Guide - arp-15-mt-book.pdf

ARP Guide - arp-15-mt-book.pdf

Documents
Grecruitment_Technische Präsentation

Grecruitment_Technische Präsentation

Documents
Präsentation Semanticcamp

Präsentation Semanticcamp

Travel
Fertige präsentation

Fertige präsentation

Technology
Udenco Präsentation

Udenco Präsentation

Documents
WEMAG Präsentation

WEMAG Präsentation

Documents
WITHDRAWN - osha.gov

WITHDRAWN - osha.gov

Documents
Präsentation DE

Präsentation DE

Documents
理解 ARP 及proxy ARPcourse.rzpt.cn/uploads/resources/118/2018-12-10/1544430308_2365661.pdf · ARP ARP Proxy 2.2 Proxy ARP ARP (Address Resolution Protocol) IP MAC ARP ARP IP MAC

理解 ARP 及proxy ARPcourse.rzpt.cn/uploads/resources/118/2018-12-10/1544430308_2365661.pdf · ARP ARP Proxy 2.2 Proxy ARP ARP (Address Resolution Protocol) IP MAC ARP ARP IP MAC

Documents
Zeitmanagement präsentation

Zeitmanagement präsentation

Documents
ARP-2215AP-G00 ARP-2217AP-G00 ARP-2219AP-G00 ARP … › products › _download › _manual...The ARP-2200AP-G00 Series touch panel computer can be placed on a shelf, table, or mounted

ARP-2215AP-G00 ARP-2217AP-G00 ARP-2219AP-G00 ARP … › products › _download › _manual...The ARP-2200AP-G00 Series touch panel computer can be placed on a shelf, table, or mounted

Documents
ushaappliances.in (Withdrawn)

ushaappliances.in (Withdrawn)

Documents
Withdrawn Handscan

Withdrawn Handscan

Documents
Final präsentation

Final präsentation

Travel
Präsentation Moderationsmethoden

Präsentation Moderationsmethoden

Business
Comenius präsentation

Comenius präsentation

Education
Präsentation schule

Präsentation schule

Documents
ARP Commands - Cisco - Global Home Page · ARP Commands ThischapterdescribesthecommandsusedtoconfigureandmonitortheAddressResolutionProtocol(ARP). FordetailedinformationaboutARPconcepts,configurationtasks

ARP Commands - Cisco - Global Home Page · ARP Commands ThischapterdescribesthecommandsusedtoconfigureandmonitortheAddressResolutionProtocol(ARP). FordetailedinformationaboutARPconcepts,configurationtasks

Documents
Präsentation online

Präsentation online

Documents
Präsentation engl

Präsentation engl

Investor Relations
Präsentation Plangger

Präsentation Plangger

Documents
Withdrawn - Srce

Withdrawn - Srce

Documents