Re: Bad handling of .0 and .255 addresses

From: Michael H. Warfield (mhw@wittsend.com)
Date: Tue May 16 2000 - 08:33:53 EST


On Tue, May 16, 2000 at 09:15:40AM -0500, Ed Carp wrote:
> Michael H. Warfield (mhw@wittsend.com) writes:
>
> > On Mon, May 15, 2000 at 06:38:08PM -0900, Christopher E. Brown wrote:
> > > On Mon, 15 May 2000, Ed Carp wrote:
> >
> > > > Dan Kegel (dank@alumni.caltech.edu) writes:
> >
> > > > > In http://www.kegel.com/mediaone.html I relate my problems when
> > > > > I was assigned an address ending in .0 or .255. Even though this
> > > > > was a valid address, some routers out on the internet blocked
> > > > > access, assuming packets from my address were forged as part
> > > > > of a smurf attack.
> >
> > > > No, sir, those addresses are not valid addresses, since most if not all hosts
> > > > may respond to them. Witness what happens when you ping an address ending in
> > > > either .0 or .255 - they are usually interpreted as broadcast addresses, NOT
> > > > to be assigned to hosts.
> >
> >
> > > This is only true in classful routing, not classless. In any
> > > case (old or new), the last hop router is the one that should be
> > > dropping or not dropping the packet, *never* a router somewhere in the
> > > middle.
> >
> > It's not even true then. It's only true in the case of classful
> > routing on a class C network (255.255 and 0.0 on a class B and 255.255.255
> > and 0.0.0 on a Class A) or in a /24 in classless routing (as defined by
> > the end router - intermediate routers can NOT make that determination).
> > In the case of /25 or smaller (larger number), 255 and 0 are bad but
> > so are 128 and 127 as well as others (depending on netmask number).
>
> Did you deliberately overlook the point? It's not the routers that were my
> point, it was the hosts that respond to such broadcasts.

        The point that I was specifically responding to was the remark
about .255 and .0 being bad. That is incorrect, except under very
specific circumstances and, even then, is not a matter for intermediate
routers. It's orthogonal to the hosts responding to broadcasts issues.
The ORIGINAL poster was making reference to intermediate routers blocking
those addresses, which is also wrong since a directed broadcast can only
be determined by the end router on the border to the specific subnet.

        If I followed the indenting correctly (correct me if I'm wrong)
you are the writer who made this statement: "No, sir, those addresses are
not valid addresses". That statement is manifestly incorrect in my
experience. It would only be true if the netmask were /24 or tighter.

        As far as hosts responding to a ping to .255, if you are on a
network with a netmask of, say 255.255.254.0 (a /23 which I have several
of at the office) then a ping to 208.21.4.255 will only get you that
host, it will NOT ding any other systems because it's NOT a broadcast.
By the same token, a ping to 208.21.5.0 will also reach a single
host, because it's NOT a network address. So here are two very specific
examples that .0 and .255 are legitimate host addresses.

        I personally control a /16. I have subnets finer than /24 which
would require finer restrictions and I have subnets greater than /24
on which x.255 or x.0 are possibly perfectly legitimate host addresses
(and are in some cases). I have some /24 networks, where your point
is specifically valid, but it's only on a /24 where those two addresses,
and only those two addresses, are reserved.

        What point am I missing at this point?

> --
> Ed Carp, N7EKG erc@pobox.com 940/367-2744 cell phone
> http://www.pobox.com/~erc

        Mike

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
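
The subnet arithmetic described in the message above, as an added example that is not part of the original post: it classifies the addresses the message names under different netmasks and compares the result with a last-octet guess, which is all a router without the destination netmask can apply. The function names and the sample list are assumptions made for illustration; only Python's standard `ipaddress` module is used.

```python
import ipaddress

def classify(addr: str, prefix_len: int) -> str:
    """Role of addr on its own subnet: 'network', 'broadcast' or 'host'."""
    ip = ipaddress.IPv4Address(addr)
    net = ipaddress.IPv4Network(f"{addr}/{prefix_len}", strict=False)
    if prefix_len >= 31:
        # /31 (RFC 3021) and /32 have no reserved network/broadcast address.
        return "host"
    if ip == net.network_address:
        return "network"
    if ip == net.broadcast_address:
        return "broadcast"
    return "host"

def last_octet_guess(addr: str) -> bool:
    """Heuristic available to a router that does not know the netmask:
    treat any address ending in .0 or .255 as a broadcast."""
    return (int(ipaddress.IPv4Address(addr)) & 0xFF) in (0, 255)

# Constructed sample list: addresses from the message plus /24 and /25 cases.
SAMPLES = [
    ("208.21.4.255", 23), ("208.21.5.0", 23),
    ("208.21.4.255", 24), ("208.21.5.0", 24),
    ("208.21.4.127", 25), ("208.21.4.128", 25),
]

def compare(samples=SAMPLES):
    """Return (addr, prefix, real role, heuristic verdict, heuristic correct?)."""
    rows = []
    for addr, plen in samples:
        role = classify(addr, plen)
        guess = last_octet_guess(addr)
        rows.append((addr, plen, role, guess, guess == (role != "host")))
    return rows

if __name__ == "__main__":
    for addr, plen, role, guess, ok in compare():
        print(f"{addr}/{plen:<3} role={role:<9} last-octet-guess={guess!s:<5} "
              f"{'ok' if ok else 'WRONG'}")
```

The guess is right only for the /24 rows: it flags the two /23 hosts as broadcasts and misses the /25 boundary addresses .127 and .128.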
