Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) IP Addresses needed for 4048
> Why give more than 48 addresses. It only has 2 T-1's available so at a
> max that's 48 connections.
A couple of reasons:
- There have been address pool leak bugs at at least one time in the past.
If this bug should ever reappear, you have some slop so it will take more
time to matter.
- If you are using Pool Summary then your pool must be of a size equal to
a power of two.
- If you have more addresses than channels, then even if all your
channels are constantly used, addresses get to have a little "rest"
between uses. This means that if the previous user logged off
uncleanly, possibly leaving some TCP connections open or otherwise
leaving references to its address somewhere on the net, those
connections and references are given a chance to time out before the
address is reused. It's a bit farfetched, but there's actually a
TCP connection hijacking potential here (security issue).
- If you receive complaints about net abuse coming from a dynamic IP
address, and you track it down using the supplied address and timestamp,
to user A, but user A logged off very soon after the incident and
user B immediately logged on thereafter and was given the same address
as A, you have to consider that the culprit might be B if the
timestamp given to you could be a few minutes off. If the address is
not immediately reused, then you can be pretty certain the culprit is A.
-Phil
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups:
References: