arp who-has? tell?
Hello,
My desktop computer, running fedora 8, software firewall on, selinux on, dynamic dns, my ip adress is 98.203.6.135, ron@c-98-203-6-135.hsd1.fl.comcast.net. is connected directly to Comcast via a cable modem. I recently changed modems due to an electrical storm. I noticed the new modems pc activity light blinks continuously. This did not happen with the old modem. I read an article about tcp dump and tried # /usr/sbin/tcpdump -nS > tcpdump.log Here is part of tcpdump.log: 08:15:47.984724 arp who-has 71.206.79.141 tell 71.206.76.1 08:15:47.985081 arp who-has 98.203.1.140 tell 98.203.0.1 08:15:48.160197 arp who-has 76.110.184.13 tell 76.110.184.1 08:15:48.208245 arp who-has 66.229.170.141 tell 66.229.170.1 08:15:48.280100 arp who-has 98.203.0.91 tell 98.203.0.1 08:15:48.280552 arp who-has 98.203.0.92 tell 98.203.0.1 08:15:48.280868 arp who-has 98.203.0.93 tell 98.203.0.1 08:15:48.281164 arp who-has 98.203.0.94 tell 98.203.0.1 08:15:48.281591 arp who-has 98.203.0.95 tell 98.203.0.1 08:15:48.281998 arp who-has 98.203.0.96 tell 98.203.0.1 08:15:48.282696 arp who-has 98.203.0.97 tell 98.203.0.1 08:15:48.283852 arp who-has 98.203.0.99 tell 98.203.0.1 08:15:48.284338 arp who-has 98.203.0.100 tell 98.203.0.1 08:15:48.285053 arp who-has 98.203.0.101 tell 98.203.0.1 08:15:48.285399 arp who-has 98.203.2.181 tell 98.203.0.1 08:15:48.285699 arp who-has 98.203.0.102 tell 98.203.0.1 08:15:48.286154 arp who-has 98.203.0.103 tell 98.203.0.1 08:15:48.287382 arp who-has 98.203.0.105 tell 98.203.0.1 08:15:48.287780 arp who-has 98.203.0.106 tell 98.203.0.1 08:15:48.289626 arp who-has 98.203.0.109 tell 98.203.0.1 08:15:48.292039 arp who-has 65.34.210.47 tell 65.34.210.1 08:15:48.492036 arp who-has 76.110.191.29 tell 76.110.184.1 08:15:48.513075 arp who-has 66.229.170.86 tell 66.229.170.1 08:15:48.513366 IP 98.203.6.135.33433 > 68.87.74.162.domain: 63866+ PTR? 86.170.229.66.in-addr.arpa. (44) 08:15:48.552057 arp who-has 98.203.1.178 tell 98.203.0.1 08:15:48.567617 IP 68.87.74.162.domain > 98.203.6.135.33433: 63866 1/0/0 (93) 08:15:48.676102 arp who-has 66.229.170.31 tell 66.229.170.1 08:15:48.733381 arp who-has 98.203.3.181 tell 98.203.0.1 08:15:48.774378 arp who-has 76.110.185.155 tell 76.110.184.1 08:15:49.080792 arp who-has 71.206.77.81 tell 71.206.76.1 08:15:49.118336 arp who-has 98.46.109.240 tell 98.46.109.1 08:15:49.118731 IP 98.203.6.135.33433 > 68.87.74.162.domain: 184+ PTR? 240.109.46.98.in-addr.arpa. (44) 08:15:49.134683 IP 68.87.74.162.domain > 98.203.6.135.33433: 184 NXDomain 0/1/0 (132) 08:15:49.160092 arp who-has 76.110.187.17 tell 76.110.184.1 08:15:49.208825 arp who-has 76.110.189.58 tell 76.110.184.1 08:15:49.317184 arp who-has 65.34.210.47 tell 65.34.210.1 08:15:49.413014 arp who-has 98.203.2.162 tell 98.203.0.1 08:15:49.589418 arp who-has 76.110.184.13 tell 76.110.184.1 08:15:49.592161 arp who-has 98.203.5.98 tell 98.203.0.1 08:15:49.635103 arp who-has 76.110.185.232 tell 76.110.184.1 08:15:49.752062 arp who-has 65.34.211.67 tell 65.34.210.1 08:15:49.872395 arp who-has 98.203.3.153 tell 98.203.0.1 08:15:50.091724 arp who-has 98.203.0.111 tell 98.203.0.1 08:15:50.093236 arp who-has 98.203.0.114 tell 98.203.0.1 08:15:50.094008 arp who-has 98.203.0.115 tell 98.203.0.1 08:15:50.095170 arp who-has 98.203.0.117 tell 98.203.0.1 08:15:50.098236 arp who-has 98.203.0.118 tell 98.203.0.1 08:15:50.098577 arp who-has 98.203.0.120 tell 98.203.0.1 08:15:50.098876 arp who-has 98.203.0.121 tell 98.203.0.1 08:15:50.099178 arp who-has 98.203.0.122 tell 98.203.0.1 08:15:50.099480 arp who-has 98.203.0.123 tell 98.203.0.1 08:15:50.101209 arp who-has 98.203.0.125 tell 98.203.0.1 08:15:50.101561 arp who-has 98.203.0.126 tell 98.203.0.1 08:15:50.174306 arp who-has 76.110.186.255 tell 76.110.184.1 08:15:50.174588 IP 98.203.6.135.33433 > 68.87.74.162.domain: 32460+ PTR? 255.186.110.76.in-addr.arpa. (45) 08:15:50.190267 arp who-has 76.110.184.13 tell 76.110.184.1 08:15:50.206890 arp who-has 98.203.0.39 tell 98.203.0.1 08:15:50.220917 arp who-has 71.206.78.27 tell 71.206.76.1 08:15:50.224216 arp who-has 66.229.170.254 tell 66.229.170.1 08:15:50.228505 IP 68.87.74.162.domain > 98.203.6.135.33433: 32460 1/0/0 (95) 08:15:50.228984 IP 98.203.6.135.33433 > 68.87.74.162.domain: 22637+ PTR? 254.170.229.66.in-addr.arpa. (45) 08:15:50.281247 IP 68.87.74.162.domain > 98.203.6.135.33433: 22637 1/0/0 (95) 08:15:50.282044 arp who-has 76.110.189.110 tell 76.110.184.1 08:15:50.364382 arp who-has 98.46.109.90 tell 98.46.109.1 08:15:50.392168 arp who-has 76.110.189.56 tell 76.110.184.1 08:15:50.531449 arp who-has 98.203.7.246 tell 98.203.0.1 08:15:50.538798 arp who-has 98.35.105.247 tell 98.35.105.1 08:15:50.539099 IP 98.203.6.135.33433 > 68.87.74.162.domain: 62320+ PTR? 247.105.35.98.in-addr.arpa. (44) 08:15:50.539324 IP 98.203.6.135.traceroute > 68.87.74.162.domain: 3108+ PTR? 247.105.35.98.in-addr.arpa. (44) 08:15:50.568403 arp who-has 71.206.79.143 tell 71.206.76.1 08:15:50.591548 arp who-has 66.229.170.84 tell 66.229.170.1 08:15:50.593753 IP 68.87.74.162.domain > 98.203.6.135.33433: 62320 NXDomain 0/1/0 (132) Is this normal? What does all this mean? -macroron- |
Looks normal to me. Just ARP (Address Resolution Protocol) requests interspersed with some DNS (Domain Name Service) traffic. Using your favourite searchengine with the TLA's ARP and DNS should bring up enough sites with explanation.
|
Re: arp who-has? tell?
Thank You,
I'm beginning to understand. More explanation here: I am just beginning my study of networking with the intention to get a router and start a home network. My next project is to get a static ip address from DynDNS www.dyndns.com/ and then study up on routers. Any sugestions on hardware and software would be appreciated. I'd like to eventually experiment with a wireless sff motherboard diy router project. -macroron- |
Quote:
Quote:
Quote:
|
Re: arp who-has? tell?
Quote:
-macroron- |
All times are GMT -5. The time now is 03:05 AM. |