evisions

Well-Known Member
Jan 25, 2004
68
0
156
I've been wondering why the IP addresses 192.168.0.X are in my IP pool. Until recently this hasn't been an issue so I wasn't worried about it. However I recently added a new name server and WHM picked one of those IP addressed for the server, which of course won't work. I didn't add these addresses to the pool, so I don't know if they are there for a reason.

Can I safely remove those IP addresses?
Do they serve any purpose?

Thanks,
Chad
 

eth00

Well-Known Member
PartnerNOC
Mar 30, 2003
721
1
168
NC
cPanel Access Level
Root Administrator
192.168 is a LAN address and can only be used for LAN purposes. Unless you use them to acess your server over the lan you can take them out without any problems.

btw- what datacenter is your box in, it is weird they configured the box that way.
 

evisions

Well-Known Member
Jan 25, 2004
68
0
156
Thanks for the reply. I thought it was strange that LAN ip addresses were there as well, but as I didn't install cpanel myself I wasn't sure if they were there for some other purpose.

My datacenter didn't do the install, I hired a third party to do it. I don't have their contact information handy, but it sounds like I should get in touch with them and find out why things were setup this way.
 

eth00

Well-Known Member
PartnerNOC
Mar 30, 2003
721
1
168
NC
cPanel Access Level
Root Administrator
They should not be there unless for some reason the datacenter uses the lan ips which I have not seen before. Basically they should not be there and have no use.
 

evisions

Well-Known Member
Jan 25, 2004
68
0
156
I've removed these from my IP pool, but when I go to manage name servers it still lists those when it updates the records:

Updating records for ip 192.168.0.100..... Done
Updating records for ip 192.168.0.103..... Done
Updating records for ip 192.168.0.104..... Done

etc.

Also I have three name servers registered somehow on these addresses that it won't let me remove:

IP Name Server
192.168.0.109 192.168.0.109

When I try to delete these it says:
Sorry, the nameserver ip 192.168.0.112 cannot be removing since it is still registered with an ICANN register

any idea how I can correct these two issues?

Thanks,
Chad
 

perlchild

Well-Known Member
Sep 1, 2002
279
0
166
Originally posted by evisions
I've removed these from my IP pool, but when I go to manage name servers it still lists those when it updates the records:

Updating records for ip 192.168.0.100..... Done
Updating records for ip 192.168.0.103..... Done
Updating records for ip 192.168.0.104..... Done

etc.

Also I have three name servers registered somehow on these addresses that it won't let me remove:

IP Name Server
192.168.0.109 192.168.0.109

When I try to delete these it says:
Sorry, the nameserver ip 192.168.0.112 cannot be removing since it is still registered with an ICANN register

any idea how I can correct these two issues?

Thanks,
Chad
A Manual edit of the file /etc/nameserverips would solve most of these problems.
I'd assign the ips to a dummy account to prevent the issue from reappearing in the future though.

Say create an account
privatenetwork.domain.com 192.168.x.x
with a one meg quota.

Those lan addresses are usually used for inter-server communication, say for your backup to go without appearing on your bill as a backup service, AND as added bandwidth. It can also be used for firewalling purposes. So removing them without your NOC's approval is a definite BAD IDEA. But creating an account for them that goes nowhere and uses no resources will keep them out of your hair.
 

evisions

Well-Known Member
Jan 25, 2004
68
0
156
Thanks perlchild, I'm still learning where cpanel hides all this stuff.... My NOC doesn't provide any of those services for me, I handle all that myself (they just give me space and fat reliable pip), so it's no biggy for me to remove those for now.
 

EMS

BANNED
May 10, 2003
250
0
166
I dont have any 192.168 addresses in my IP pool but in users control panels for MySQL databases, the access hosts list contains 192.168.1.%

This has not been added to the additional access hosts in WHM (there are none in this list)

Anyone know why this is happening ?
 

Coffeymate

Active Member
Jun 27, 2003
30
0
156
Atlanta
Originally posted by evisions
Thanks perlchild, I'm still learning where cpanel hides all this stuff.... My NOC doesn't provide any of those services for me, I handle all that myself (they just give me space and fat reliable pip), so it's no biggy for me to remove those for now.
Same here.
I thought it was a MySql injection issue and have been deleting them from any domains it shows up in regularly. This only tends to appear on domains using programs like PHP-Nuke or Mambo. None of the others ever get that IP block noted as having direct host access to MySql. It's really been aggravating. These tend to appear over the weekends which leads me to believe it is due to Lan parties somewhere.
 

Coffeymate

Active Member
Jun 27, 2003
30
0
156
Atlanta
Originally posted by DWHS.net
I think there is only two reasons for the most part, to comunicate with a external firewall or switch.

Do you have a either through your datacenter?
not me. and like I said, it shows up only in Mysql for those domains using php based programs. They reappear each Saturday for the most part. They never appear during the week.
 

EMS

BANNED
May 10, 2003
250
0
166
My servers are connected to an external reboot switch which would explain the reason for this - however, the ip address range shouldnt be showing in the MySQL access hosts.
 

eth00

Well-Known Member
PartnerNOC
Mar 30, 2003
721
1
168
NC
cPanel Access Level
Root Administrator
After making sure your DC does need it I would just block it in your firewall. APF allows you to block all lan ips, that should solve the problems. Even if it is added no communication will be able to happen.
 
Thread starter Similar threads Forum Replies Date
K General Discussion 3