LRP Maximum Clients?

Chris Bopp cpb at spal455a.lll.hawaii.edu
Sun Oct 15 03:42:35 PDT 2000


Congrats, Kevin! From what I read of RH 7, the worst may not be over!!!!

Regarding number of clients served by a masquerade - oh plenty. There are
some firewall/forwarding setups that masquerade the whole Internet onto
your private network (hopefully they don't all connect at once!). LRP
specifically I don't know, certainly hundreds and probably millions
(more slowly).

Regarding "Martian packets", I thought "oh those are IP packets from a
Class E network" and I set about surfing to find a good reference that
defined "Class E" and linked it to "Martian". As is often the case, I
found a bunch of stuff I didn't know I was looking for.

Basically, there are several kinds of packets considered "Martian":
* Class E address I was partly right!
* loopback (127.whatever) packets on a non-loopback interface
* packets on any interface that "should" have arrived on another
  interface (like how could I reply to this address...I have more than one
  physical interface that "leads" to it!) as mitigated by route metrics,
  route cost daemons and the rp_filter kernel networking option.
* packets from reserved (e.g., 1.whatever) or private networks (e.g.,
  10.whatever and 192.168.whatever) that appear on a public interface.

this is very briefly it, not too informative though
 http://info.astrian.net/jargon/terms/m/martian.html
same thing, more detail
 ftp://ftp.sunet.se/pub/Internet-documents/matrix/news/v1/mars.102
LRP-specific email thread archive
 http://www.geocrawler.com/archives/3/303/2000/6/0/3961492/
LARGE rfc document that's got it all (search for "Martian" or "Class E":
 http://RF.Cx/rfc1812.html

It is related to the rp_filter protection option in the 2.2 kernel, which
can trip people who might WANT multiple IP packet routes (redundancy or
load-balancing, perhaps).

Chris Bopp



More information about the LUAU mailing list