Theme

Welcome · log in · join

D-Link → weird ip

uniqs
2150

« [Help Me] DIR-615 and Chromecast • I need help with my old D-Link DGL4300 and new cable modem »

max772 join:2013-11-18	max772 Member 2013-Nov-18 7:37 pm weird ip I was reading on the rogers community forums where a person found a strange ip on their router so for fun i checked mine and found this: 224.0.0.1: - 22.18.192.1: IGMP - IN What is this? The ip 22.18.192.1 leads to United States Ohio Columbus Dod Network Information Center. Is the original poster right in saying the us is spying on us or is it just a normal thing? I run american netflix by using american dns numbers but i was told by blockless that this is 100% legal to do.
	· actions · 2013-Nov-18 7:37 pm ·
BimmerE38FN join:2002-09-15 Boise, ID	BimmerE38FN Member 2013-Nov-19 10:02 am What model router are you using?
	· actions · 2013-Nov-19 10:02 am ·

max772 join:2013-11-18	max772 Member 2013-Nov-19 7:42 pm dlink 615.
	· actions · 2013-Nov-19 7:42 pm ·
max772	max772 Member 2013-Nov-19 7:43 pm Has anyone else had this happen before?
	· actions · 2013-Nov-19 7:43 pm ·
NetFixer From My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU	NetFixer to max772 Premium Member 2013-Nov-23 10:02 pm to max772 Are you perchance running some sort of VPN or proxy or remote access client on any PC behind your router? I can recall instances where I found such applications illegally using DoD IP addresses for internal purposes because the vendor assumed that none of their clients would actually be using a DoD IP address for anything. Your statement: "I run american netflix by using american dns numbers" makes me think that this is the source of your "DoD" IP address.
	· actions · 2013-Nov-23 10:02 pm ·
max772 join:2013-11-18	max772 Member 2013-Nov-24 8:19 pm I have since stopped using the service and everything is set to what it was before and i still have incoming igmp even though igmp doesn't seem to be enabled. I run a desktop, tablet (samsung galaxy 2), ps3, xbox one. It's not that i have anything to hide really but i'm just curious as to why i have a constant incoming igmp from the dod of all places. Oh and ty for the help btw!
	· actions · 2013-Nov-24 8:19 pm ·
NetFixer From My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU	NetFixer Premium Member 2013-Nov-24 8:49 pm said by max772: I have since stopped using the service and everything is set to what it was before and i still have incoming igmp even though igmp doesn't seem to be enabled. I run a desktop, tablet (samsung galaxy 2), ps3, xbox one. It's not that i have anything to hide really but i'm just curious as to why i have a constant incoming igmp from the dod of all places. Oh and ty for the help btw! What you are seeing is a All Hosts multicast, not a connection attempt from the DoD. »en.wikipedia.org/wiki/Mu ··· _address quote: 224.0.0.1: The All Hosts multicast group addresses all hosts on the same network segment. Even if you are no longer using the VPN/proxy service, if you didn't uninstall the client application (or if the uninstall was not complete), some part of it may still be active and trying to communicate with the mother ship. Also, since your public IP address may still be in the mother ship's address pool, they can still be trying to contact your PC even if you have disabled/uninstalled the client app. In any event, what you are seeing is not the DoD probing your network (and even if they were, anyone can knock on your door...it's up to you whether or not you open the door).
	· actions · 2013-Nov-24 8:49 pm ·
max772 join:2013-11-18 2 edits	max772 Member 2013-Nov-24 11:46 pm When you say it's up to me whether i open the door what do you mean? Sorry for being so dumb but i am dumb with these issues and i do value your sharing of the knowledge you have. I don't know how i could block it because igmp isn't even enabled on my router. As for the blockless what they give you is dns numbers which you switch then you are good to go. I have since switched those back the the original. Again tyvm for the help. (Also does incoming mean that it is being sent from the ip?)
	· actions · 2013-Nov-24 11:46 pm ·
NetFixer From My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU	NetFixer Premium Member 2013-Nov-25 12:23 am said by max772: When you say it's up to me whether i open the door what do you mean? Sorry for being so dumb but i am dumb with these issues and i do value your sharing of the knowledge you have. I don't know how i could block it because igmp isn't even enabled on my router. As for the blockless what they give you is dns numbers which you switch then you are good to go. I have since switched those back the the original. Again tyvm for the help. I have no idea what a "blockless" is or what it has to do with DNS or your original question. It would help if you put your original "224.0.0.1: - 22.18.192.1: IGMP - IN" statement in context. Where are you seeing that information? Is it in a router log, and if so, what log, and is there any other information from that log that you did not post? A screen shot (of the router log, or whatever is providing that information) might help to make things more understandable to an outsider. I suspect that you are looking at a firewall log, and what it is telling you is that the router/firewall is already blocking what you are seeing (but without context, I have no way of knowing what you are even looking at). It would also help to know what kind of VPN or proxy you were using, and if it required you to install a client on one (or more) of your network devices. If it was something that you did with your desktop PC (and if it is a Windows PC) try opening a command prompt and doing ipconfig /all and netstat -an commands; that might tell you/us if that PC is still trying to connect to a 22.x.x.x network.
	· actions · 2013-Nov-25 12:23 am ·
max772 join:2013-11-18 2 edits	max772 Member 2013-Nov-25 12:29 am Ok sorry about not being clear enough. I found the line 224.0.0.1: - 22.18.192.1: IGMP - IN by: checking status and then internet sessions on my dir 615 dlink router. So i sign into my router, click status then the internet sessions option. Blockless is the service i used for access to usa netflix. Using this service requires you to change your dns numbers to that of the united states so you can use american netflix. For each device i wanted to use the american netflix all i had to do was add the dns numbers from blockless.
	· actions · 2013-Nov-25 12:29 am ·
NetFixer From My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU	NetFixer Premium Member 2013-Nov-25 1:58 am said by max772: Ok sorry about not being clear enough. I found the line 224.0.0.1: - 22.18.192.1: IGMP - IN by: checking status and then internet sessions on my dir 615 dlink router. So i sign into my router, click status then the internet sessions option. Blockless is the service i used for access to usa netflix. Using this service requires you to change your dns numbers to that of the united states so you can use american netflix. For each device i wanted to use the american netflix all i had to do was add the dns numbers from blockless. The clarification does help me to know what you are doing/seeing. It sounds like the Blockless service uses DNS redirection to send your traffic through a transparent proxy for (hopefully only) certain video streaming sites. Whether that service introduced a connection using a 22.x.x.x IP address, I can't say, and I am not inclined to open an account to find out (but I have seen other public VPN/proxy services use DoD IP addresses in the past). Regardless of what triggered it, you should not be seeing an active IGMP session if your router is actually blocking IGMP traffic. However, due to the nature of that particular multicast operation, you would have to actually be a member of that multicast group in order for it do do anything. So again, I don't think you have to be concerned about the DoD monitoring your network (believe me, they could and would be much more discreet...at least until the tactical team stormed your residence). I assume that you have the Enable Multicast Streams box unchecked in the router's Advanced Network section (and that is what you mean by saying that IGMP is not enabled), but do you also have the Enable UPnP box in the same section unchecked? If UPnP is enabled, then any application or attached device that is UPnP aware can create their own rules in your router (including enabling IGMP Multicast Streams). Since you seem to be a streaming video user, I am surprised that you would disable Multicast Streams.
	· actions · 2013-Nov-25 1:58 am ·
NormanS I gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA TP-Link TD-8616 Asus RT-AC66U B1 Netgear FR114P	NormanS to max772 MVM 2013-Dec-27 10:31 pm to max772 said by max772: What is this? The ip 22.18.192.1 leads to United States Ohio Columbus Dod Network Information Center. Is the original poster right in saying the us is spying on us or is it just a normal thing? I run american netflix by using american dns numbers but i was told by blockless that this is 100% legal to do. I would guess it is "legal" as in no law against it. I concur with NetFixer . I am guessing that "Blockless" is a VPN service. I don't know much about VPNs, but I believe they often use RFC 1918 reserved IP address blocks, which are not routed over the public Internet. The evidence I see from trace route is that 22.0.0.0/8 does not have an Autonomous System number, thus is not announced in BGP. In other words, you can't get there from any Internet connection. If Blockless is using the DoD IP addresses internally, your VPN client becomes a part of that internal network? If so, the IGMP is between your router and the Blockless VPN server, and the U.S. DoD is not a part of this picture.
	· actions · 2013-Dec-27 10:31 pm ·

Forums → Equipment Support → Hardware By Brand → D-Link	« [Help Me] DIR-615 and Chromecast • I need help with my old D-Link DGL4300 and new cable modem »