andyjohnson at ij.net
Wed Aug 13 09:42:15 CDT 2008
> The only things I can think of that might be the cause are
> misconfiguration in a DACS/mux somewhere along the circuit path or perhaps
> a mishandled lawful intercept. I don't have enough experience with either
> or enough access to the systems that provide the circuit to do any more
> than speculate. Has anyone else ever seen anything like this?
I'm not sure how a DACS/mux misconfiguration would do this. There would have
to be some intelligent device grabbing those IP packets and forwarding them
on to another IP router, which seems really likely.
Have you noticed any unusual shifts in pattern on the internal network of
your Ocala office? I wonder if somebody decided it would be clever to start
up a VPN tunnel on a host inside your network, and also set the host in
promiscuous mode, forwarding every packet it gets back out that tunnel.
The only argument I can come up against this tunnel/host, is that when you
changed line encapsulation modes, it went away. However, could have just
dropped the tunnel or the host that was misbehaving decided it was a good
time to stop.
More information about the NANOG