Re: ip theft!!

[<ksemat at wawa.eahd.or.ug>]

> (2) Use tunneling to introduce a layer-3 boundary between all customers. For
> example, you could run PPPoE between them and you, so they each have a
> separate PPP session with its own assigned IP address and /32 route.

Thought of this however the major problem was actually the fact that since
the router is on the same network segment as themselves, they can simply
change their netmask and set their gateway to the router and voila they're
on the network once again!

currently we are using one class C network and everyone is assigned ip
addresses form this pool with a /24 netmask and it is on this same segment
that the router, etc are found. So a PPPOE server would help in some ways
but not for anyone who has some knowledge of the network. Currently the
only form of control is a FreeBSD bandwidth manager that is actually in
bridging mode between the network and the router and though controlling on
this machine is not hard, it will only help when they try to browse
externally but in the meantime they would be messing up the whole internal
network.

Noah.


-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org