I am new to ubiquiti routers but I am now working for a company that has deployed several of these to businesses. I have one customer who is getting messages from their ISP about some high traffic originating from their network. We have been unable to trace down the traffic yet to a particular device and everytime we shut down a device we think is the culprit, the traffic moves to another address. All traffic is originating from their security camera network 10.0.0.0/8 255.0.0.0 and destined for the external interface of the router. We assume there is a device that has a wrong netmask or something and doesn't know where to send the traffic so it routes out to the internet and back in. I want to block all of the 10.0.0.0/8 network from ever leaving the internal network (192.168.0.1/21) in an attempt to stop the traffic the ISP is seeing while we attempt to trace down to the device. Any computer that accesses the camera netowrk has a second 10.x.x.x address added to their ethernet card with a 255.0.0.0 address.
↧