Tag Archives: Networking

Required URL’s for Blizzard Games

After a painful amount of time I was finally able to figure out what URL’s are used for Blizzard games via an extensive packet capture. Here’s my list:

The Obvious:
battle.net
blizzard.com

Bliz content providers:
akamaihd.net
akamaized.net
This one may be from a different game, but it’s clearly the same CDN:
akamai.net

Here were the two got’chas for voice:
digicert.com
usertrust.com

Without those last two I was able to play every Blizzard game (with the exception of Overwatch as it requires voice) I tried, but was unable to authenticate their voice servers.

Excessive Unknown Unicast Frames

Unknown Unicast frames are simply frames with a destanation MAC Address not listed in the switches table.

The first step is to determine what this traffic actually is (typically with a packet capture):

Is this malicious traffic?
Is this legitimate traffic?

Malicious Traffic:
Can we stop the traffic from happening altogether via patching or software updates?
If not our best bet is probably an ACL or firewall rule as close to the source as we can get.

Legitimate Traffic:
Solution varies greatly, depending on what the traffic is and why it’s unknown.

Is the destination unknown simply because the destination never transmits or broadcasts?
If so a static MAC Address entry might be warranted.

Is the destination unknown because that’s the way the protocol works such as Microsoft Network Load Balancing?
If so the best bet is to segregate that traffic via hardware or vlans.
If segregating the traffic isn’t an option, then one solution would be to block this traffic from exiting unwanted traffic via an ACL.

This is also assuming the layer 2 network is working as expected. There are other unlikely reasons the switch may not have an address in its table such as being flooded with Topology Change Notifications or even software/hardware. But again in terms of probability those are very low.