192.168 addresses in IP Pool

[evisions]

I've been wondering why the IP addresses 192.168.0.X are in my IP pool. Until recently this hasn't been an issue so I wasn't worried about it. However I recently added a new name server and WHM picked one of those IP addressed for the server, which of course won't work. I didn't add these addresses to the pool, so I don't know if they are there for a reason.

Can I safely remove those IP addresses?
Do they serve any purpose?

Thanks,
Chad

 

[eth00]

192.168 is a LAN address and can only be used for LAN purposes. Unless you use them to acess your server over the lan you can take them out without any problems.

btw- what datacenter is your box in, it is weird they configured the box that way.

 

[evisions]

Thanks for the reply. I thought it was strange that LAN ip addresses were there as well, but as I didn't install cpanel myself I wasn't sure if they were there for some other purpose.

My datacenter didn't do the install, I hired a third party to do it. I don't have their contact information handy, but it sounds like I should get in touch with them and find out why things were setup this way.

 

[mr.wonderful]

I have seen this on my servers as well. What gives?

 

[eth00]

They should not be there unless for some reason the datacenter uses the lan ips which I have not seen before. Basically they should not be there and have no use.

 

[evisions]

I've removed these from my IP pool, but when I go to manage name servers it still lists those when it updates the records:

Updating records for ip 192.168.0.100..... Done
Updating records for ip 192.168.0.103..... Done
Updating records for ip 192.168.0.104..... Done

etc.

Also I have three name servers registered somehow on these addresses that it won't let me remove:

IP Name Server
192.168.0.109 192.168.0.109

When I try to delete these it says:
Sorry, the nameserver ip 192.168.0.112 cannot be removing since it is still registered with an ICANN register

any idea how I can correct these two issues?

Thanks,
Chad

 

[perlchild]

Originally posted by evisions
I've removed these from my IP pool, but when I go to manage name servers it still lists those when it updates the records:

Updating records for ip 192.168.0.100..... Done
Updating records for ip 192.168.0.103..... Done
Updating records for ip 192.168.0.104..... Done

etc.

Also I have three name servers registered somehow on these addresses that it won't let me remove:

IP Name Server
192.168.0.109 192.168.0.109

When I try to delete these it says:
Sorry, the nameserver ip 192.168.0.112 cannot be removing since it is still registered with an ICANN register

any idea how I can correct these two issues?

Thanks,
Chad

A Manual edit of the file /etc/nameserverips would solve most of these problems.
I'd assign the ips to a dummy account to prevent the issue from reappearing in the future though.

Say create an account
privatenetwork.domain.com 192.168.x.x
with a one meg quota.

Those lan addresses are usually used for inter-server communication, say for your backup to go without appearing on your bill as a backup service, AND as added bandwidth. It can also be used for firewalling purposes. So removing them without your NOC's approval is a definite BAD IDEA. But creating an account for them that goes nowhere and uses no resources will keep them out of your hair.

 

[evisions]

Thanks perlchild, I'm still learning where cpanel hides all this stuff.... My NOC doesn't provide any of those services for me, I handle all that myself (they just give me space and fat reliable pip), so it's no biggy for me to remove those for now.

 

[EMS]

I dont have any 192.168 addresses in my IP pool but in users control panels for MySQL databases, the access hosts list contains 192.168.1.%

This has not been added to the additional access hosts in WHM (there are none in this list)

Anyone know why this is happening ?

 

[Coffeymate]

Originally posted by evisions
Thanks perlchild, I'm still learning where cpanel hides all this stuff.... My NOC doesn't provide any of those services for me, I handle all that myself (they just give me space and fat reliable pip), so it's no biggy for me to remove those for now.

Same here.
I thought it was a MySql injection issue and have been deleting them from any domains it shows up in regularly. This only tends to appear on domains using programs like PHP-Nuke or Mambo. None of the others ever get that IP block noted as having direct host access to MySql. It's really been aggravating. These tend to appear over the weekends which leads me to believe it is due to Lan parties somewhere.

 

[WebHostPro]

I think there is only two reasons for the most part, to comunicate with a external firewall or switch.

Do you have a either through your datacenter?

 

[Coffeymate]

Originally posted by DWHS.net
I think there is only two reasons for the most part, to comunicate with a external firewall or switch.

Do you have a either through your datacenter?

not me. and like I said, it shows up only in Mysql for those domains using php based programs. They reappear each Saturday for the most part. They never appear during the week.

 

[EMS]

My servers are connected to an external reboot switch which would explain the reason for this - however, the ip address range shouldnt be showing in the MySQL access hosts.

 

[WebHostPro]

It will show there if it's added to the server even though it has nothing to do with MySQL.

The reboot switch makes perfect since, I have never used one but it sounds like a good idea of the NOC doesn't have hands available.

Have a good one.

 

[eth00]

After making sure your DC does need it I would just block it in your firewall. APF allows you to block all lan ips, that should solve the problems. Even if it is added no communication will be able to happen.