Strange traffic showing up in tcpdump

Ok, so I have this FreeBSD 8 server that has two NICs. I'm using NAT so one talks to the internet and the other to my internal network.
ifconfig shows this:
Code:
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9<RXCSUM,VLAN_MTU>
        ether 00:50:04:31:9a:51
        inet 78.77.77.188 netmask 0xffffff80 broadcast 78.77.77.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:04:61:74:44:ac
        inet 172.27.0.1 netmask 0xffffff00 broadcast 172.27.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
When I tcpdump my external NIC (xl0), besides the usual traffic I get this weird broadcast traffic involving two MAC addresses that I can't identify, and I can't understand what this traffic actually is:
Code:
11:58:15.727791 00:09:0f:ff:9f:c8 (oui Unknown) > Broadcast, ethertype Unknown (0x8890), length 96:
        0x0000:  2900 0052 b246 4732 3030 4233 3931 3136  )..R.FG200B39116
        0x0010:  3130 3239 3900 16c2 0000 04b4 3b1d aa40  10299.......;..@
        0x0020:  ee28 dd7f c800 0000 1fba 8799 71bb 0c69  .(..........q..i
        0x0030:  3c37 6a16 6cd8 79cd 706f 7274 3133 0000  <7j.l.y.port13..
        0x0040:  0000 0000 0000 0000 0100 0000 0800 0000  ................
        0x0050:  0000                                     ..
11:58:15.781243 IP blabla.astral.ro.3199 > streamer2-2.distinctgroup.net.1935: Flags [.], ack 1981, win 17008, length 0
11:58:15.888705 00:09:0f:fa:56:e9 (oui Unknown) > Broadcast, ethertype Unknown (0x8890), length 96:
        0x0000:  2900 0052 b246 4732 3030 4233 3931 3136  )..R.FG200B39116
        0x0010:  3037 3532 3101 d815 0000 0545 3b1d aa40  07521......E;..@
        0x0020:  ee28 dd7f c800 0000 204c d240 9a8c 22e2  .(.......L.@..".
        0x0030:  1865 e869 18f8 2bc3 706f 7274 3133 0000  .e.i..+.port13..
        0x0040:  0000 0000 0000 0000 0100 0000 0800 0100  ................
        0x0050:  0000
Anyone got any idea what this is? I haven't tried replacing the NIC with a new one yet; maybe something is wrong with the actual network card.
 
That's possible. Have you asked them if they have any FortiGate equipment? It's also possible the traffic is generated by another customer.
 