What is NRDM
-
At random intervals, my pfSense installation tries to connect to tcp/443 to nrdm.netgate.com (208.123.73.93) ... does anybody know why? Is there a configuration setting to turn it off? Thanks.
-
@user2 said in What is NRDM:
tries to connect to tcp/443 to nrdm.netgate.com (208.123.73.93) ... does anybody know why?
Hi,
Is it likely that you are on version 2.5 DEV ....?!
In this case, you can read a few words about it here (this is an integrated management platform)
https://www.netgate.com/blog/pfsense-2-5-and-aes-ni.htmlit certainly can't be disabled, but why would you do that with a Netgate domain
it can have some function for sure -
nrdm.netgate.com does not resolv to that ip, at least not for me or for google dns
;ANSWER
nrdm.netgate.com. 1799 IN A 172.27.10.126i don't know what that ip is for, maybe it check for update or it come from some additional package, you can use packet capture to see what's going on.
there is no reason to ask 4 times the same question on different place
in the meantime i will put my tinfoil hat just to be safe -
pfSense telemetry ?
@kiokoman : pas me your hat, please.
-
It's ews.netgate.com. See: https://forum.netgate.com/post/941202
-
If nrdm is now ews, someone should prob update the PTR ;)
;; ANSWER SECTION: 93.73.123.208.in-addr.arpa. 3600 IN CNAME 93.0-255.73.123.208.in-addr.arpa. 93.0-255.73.123.208.in-addr.arpa. 10800 IN PTR nrdm.netgate.com.
-
nice, so i was right about check for update plus the content of the "services and support" plus copyright stuff
@Gertjan I think we can safely remove the tinfoil hat this time, no rush but send me back what I lent you -
Should be fixed, thanks.
-
yup fixed
;; QUESTION SECTION: ;93.73.123.208.in-addr.arpa. IN PTR ;; ANSWER SECTION: 93.73.123.208.in-addr.arpa. 3584 IN CNAME 93.0-255.73.123.208.in-addr.arpa. 93.0-255.73.123.208.in-addr.arpa. 10784 IN PTR ews.netgate.com.
-
Thank you to all that responded. Much appreciated!
-
@user2 , I think you are overly worried, but then again that's your right. Anyway the IP address that you mentioned is related to these IP addresses:
IPV4 24.227.211.0/24 64.17.0.0/20 64.20.224.0/19 64.20.224.0/20 66.219.32.0/19 96.47.208.0/20 96.47.209.0/24 192.188.253.0/24 198.252.182.0/24 208.67.240.0/21 208.123.64.0/19 208.123.73.0/24 216.1.112.0/22 IPV6 2610:160::/32