Forum Discussion

hanky's avatar
hanky
New member | Level 2
12 months ago
Solved

We wish to block all UDP fragments from entering our network.

We wish to block all UDP fragments from entering our network.  Dropbox LAN sync uses UDP port 17500 for discovery but I need to know the IP address that Dropbox is using so I can add it to an exception list to allow UDP fragments through.


  • hanky wrote:

    We wish to block all UDP fragments from entering our network.  ... but I need to know the IP address that Dropbox is using so I can add it to an exception list to allow UDP fragments through.


    Hi hanky,

    There is no need to handle in any special way Dropbox UDP packets. 🙂 You may block all of them since they never get in or out of your LAN (that's why LAN Sync); just don't prevent them to flow locally. The IP address in use is the same any other discovery service uses - your local broadcast address. 😉 That's it.

    Hope this helps.

     

    PS: local broadcast address: Let's say your machine IP address is 192.168.0.10/24 (e.g. IP mask 255.255.255.0). In such a case your discovery/broadcast IP address is 192.168.0.255 if you need it at all. Simple, right?! 😜

  • Rich's avatar
    Rich
    Icon for Super User II rankSuper User II

    hanky wrote:

    ... I need to know the IP address that Dropbox is using so I can add it to an exception list to allow UDP fragments through.


    I doubt they'll publish that information here, and I doubt it's a single IP address anyway. You can find a list of the official domains that Dropbox uses here, and you can find other information on the IP ranges that Dropbox uses with a search of the net.

     

    Your best option, however, would be to analyze the traffic on your own network to determine what IP ranges your clients are connecting to.

  • Здравко's avatar
    Здравко
    Legendary | Level 20

    hanky wrote:

    We wish to block all UDP fragments from entering our network.  ... but I need to know the IP address that Dropbox is using so I can add it to an exception list to allow UDP fragments through.


    Hi hanky,

    There is no need to handle in any special way Dropbox UDP packets. 🙂 You may block all of them since they never get in or out of your LAN (that's why LAN Sync); just don't prevent them to flow locally. The IP address in use is the same any other discovery service uses - your local broadcast address. 😉 That's it.

    Hope this helps.

     

    PS: local broadcast address: Let's say your machine IP address is 192.168.0.10/24 (e.g. IP mask 255.255.255.0). In such a case your discovery/broadcast IP address is 192.168.0.255 if you need it at all. Simple, right?! 😜