Quote:
Originally Posted by kovidgoyal
If you're willing to develop a better recipe, I'll be happy to replace that one.
|
I'm game... : o )
Quote:
Originally Posted by mike_bike_kite
Why would they care? If they have an ip that's killing their server then they'll just ban the ip. I've got my fingers crossed at the moment that they'll let me back on.
|
And that's exactly what they're doing. Keep in mind that Slashdot is an
EXTREMELY high volume site. What it seems they do it if an IP exceeds a certain threshold of (requests/bandwidth over time?) they ban the IP in order to preserve load and resources for the rest of the world. Basically, Slashdot bans the IPs to avoid getting Slashdotted themselves...
Quote:
Originally Posted by Starson17
There won't be anyone else with that IP when the banned user is using it, and the ban is probably short-term so that by the time it is reassigned, the ban is lifted.
|
That does not seem to be the case. The IP from my primary ISP was banned some time last year (it's been long enough that I forget exactly when) and despite numerous pleas to several different email addresses associated with Slashdot and OSDN (their parent company), I have received absolute silence.
Thanks to some static routes I set in my router/firewall, I am still able to access Slashdot by sending all traffic to their servers (two IP's responsible for the site) through a secondary/redundant IP/ISP. My primary IP remains banned...
(Now, if Slashdot would just start supporting IPv6 and publish AAAA records...)
Quote:
Originally Posted by mike_bike_kite
I'm pretty sure all the computers in my house (wife, kids etc) have the same IP address. Also wouldn't a company use a NAT to show a single public ip address to the world while there might be 1000's of computers behind this address. I'll admit I'm a little unsure when it comes to networking though. |
A home broadband router uses NAT to allow the multiple home computers to access the outside world through the single public IP assigned by the ISP.
From a business perspective, you typically won't have multiple thousands of IP's behind a single NAT-ed address. One of the biggest reasons is performance and other limitations of NAT. The NAT router needs to keep track of every active connection so that when it receives reply traffic from the outside world it knows the original internal host to send that traffic to. Large networks also have to be split into subnets. While several subnets can share a single NATed address, in a large enough installation, such as when you have thousands of users, there will be at the very least be a much larger pool of NAT addresses that are used, so instead of Many <-> One, it's a Many <-> Many translation which distributes the load better.
Anyway, if a large organization get's itself banned from it's employees browsing Slashdot, then there are probably more pressing matters (such as employee productivity) that need to be addressed. And in a sideways way, Slashdot would be doing them a favor by banning the IP. :-)
Quote:
Originally Posted by thinkpadx
That's my impression to. Slashdot risk banning thousand of IP addresses depending on how many computers is behind the NAT, risky business.
|
But that's rarely the case that a single IP has many thousands of systems behind it. A network with thousands of NAT-ed hosts will typically have many public facing IPs for that network as well.
As a Network Engineer for a rather large, and high profile, Government Agency, I can understand blocking IPs that cause service degradation. (in essence it could be a DoS - Denial of Service - attack against Slashdot, of course Slashdot is a DDoS against every other site it links to). Not only do we regularly block IP's on both temporary, and permanent, basis when we see malicious traffic, there have been entire netblocks blocked from time to time when they've been the source of a high number of attacks...