confusing packet data
This is something has been bugging me lately.... Etherape is a Linux tool that graphs packets arriving at your host, and shows paths of connectivity. I captured the graphs, at the URL below, from my Linux laptop connected to a Linksys wifi router that is hooked to a Comcast cable modem. Why is it that I can see packet data from IPs all over the place? http://picasaweb.google.com/jimpop/Public# Any insight is much appreciated. -Jim P.
On 16/09/2008, at 1:34 PM, Jim Popovitch wrote:
This is something has been bugging me lately.... Etherape is a Linux tool that graphs packets arriving at your host, and shows paths of connectivity. I captured the graphs, at the URL below, from my Linux laptop connected to a Linksys wifi router that is hooked to a Comcast cable modem. Why is it that I can see packet data from IPs all over the place?
My suspicion is that the tool is malfunctioning and is spitting out random data. Probably best to post on the Etherape mailing list for help on this one. I see stuff in 224/4 and 240/4 in your pictures. -- Nathan Ward
On Mon, 15 Sep 2008, Jim Popovitch wrote: Are you running Skype? Have you become a supernode? There is now a registry switch in 3.0 that allows you to disable supernode functionality. -Hank
This is something has been bugging me lately.... Etherape is a Linux tool that graphs packets arriving at your host, and shows paths of connectivity. I captured the graphs, at the URL below, from my Linux laptop connected to a Linksys wifi router that is hooked to a Comcast cable modem. Why is it that I can see packet data from IPs all over the place?
http://picasaweb.google.com/jimpop/Public#
Any insight is much appreciated.
-Jim P.
On 16/09/2008, at 4:43 PM, Hank Nussbacher wrote:
Are you running Skype? Have you become a supernode? There is now a registry switch in 3.0 that allows you to disable supernode functionality.
This would not cause him to see traffic to and from random addresses. Note that traffic is not going to his IP address, but to AND from addresses that are not his. That, plus the fact that there 'is' traffic on 240/4 and 224/4, and it sounds like a bug. -- Nathan Ward
Or his DSL is set to bridging. --p -----Original Message----- From: Nathan Ward [mailto:nanog@daork.net] Sent: Tuesday, September 16, 2008 12:47 AM To: nanog list Subject: Re: confusing packet data On 16/09/2008, at 4:43 PM, Hank Nussbacher wrote:
Are you running Skype? Have you become a supernode? There is now a registry switch in 3.0 that allows you to disable supernode functionality.
This would not cause him to see traffic to and from random addresses. Note that traffic is not going to his IP address, but to AND from addresses that are not his. That, plus the fact that there 'is' traffic on 240/4 and 224/4, and it sounds like a bug. -- Nathan Ward
On Tue, Sep 16, 2008 at 00:43, Hank Nussbacher <hank@efes.iucc.ac.il> wrote:
Are you running Skype? Have you become a supernode? There is now a registry switch in 3.0 that allows you to disable supernode functionality.
No. Nothing is running on this host (my laptop) when initiating etherape. Also, etherape reports nothing until I initiate some traffic (i.e. whois www.yahoo.com) I suspect that Nathan is correct and I have filed a bug report with Debian. -Jim P.
participants (4)
-
Darden, Patrick S. -
Hank Nussbacher -
Jim Popovitch -
Nathan Ward