David, The LDM doesn't do anything special to convert a hostname into an IP address: it simply uses the standard system functions to convert the hostname of a REQUEST entry into an IP address. So if your LDM-s are using the public IP address of your other LDM-s, then either the REQUEST entries are specifying the other LDM-s by public IP addresses or the operating systems are converting the hostnames into public IP addresses. Also, the LDM doesn't use the STUN protocol directly. It might use it indirectly (and unknowingly) through the operating system. Are you certain that the internal LDM-s are using their public IP addresses to communicate? > Just recently we noticed a flag on our IPS involving our internal network > talking to the external IP addresses. So I decided to run tcpdump on our > internal interface of our internet connection to see how much traffic was > actually trying to connect to our external ip addresses from the internal > network ips. > > Our current configuration is internal IP addresses of our server farm are > 10.11.0.0/22 network. > > Our external IP address range is 188.8.131.52/23 > > We are seeing 3 of our servers, not only talking to each other servers > outside our network, but to each other using the external IP addresses as > destinations. Looking further using tcpdump to capture and wireshark to view > the data, a protocol called STUN is visible within the traffic. > > -Dave Regards, Steve Emmerson Ticket Details =================== Ticket ID: FFX-692476 Department: Support LDM Priority: Normal Status: Closed
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.