Re: Are IP addresses where the last byte is 255 invalid?

root (root@stargate.teklords.com)
Tue, 13 Jan 1998 11:23:15 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: SOCK_PACKET again.."
Previous message: DAVID BALAZIC: "Re: Are IP addresses where the last byte is 255 invalid?"
Maybe in reply to: Baldur Norddahl: "Are IP addresses where the last byte is 255 invalid?"

> I recently discovered something strange. We got a network with the subnet
> mask 255.255.252.0 (1024 ip addresses). The network address is 212.0 and the
> broadcast address is 215.255. If you ping 215.255 then I all Linux box'es un
> the net answers. The M$ boxes don't.
< much deleted >
This is normal. ( or abnormal, -it's "kernel maker's choice" out there on this )
Some Unix companies have even recently decided to make it configurable on the
fly as to whether a machine should answer an ICMP broadcast or to silently
ignore it. <-- I like this.
As for addressing schema... in an IP header, the address "0.0.0.0" historically
means "this machine" and conversely address 255.255.255.255 means "all machines".
So,,if you recieve a packet addressed to ie: 1.1.1.255 , then remembering that
subnet masks do not get inserted into the IP header of the packet, the recieving
machine has no way of knowing which mask to apply, unless it applies it's own mask
to the sender's IP address to determine whether the sender is in "my" subnet or not.
( This would be the equivalent of only answering ICMP broadcasts which originated
inside your own subnet ) < -- this would, perhaps also be a good thing :)
( This would definitely keep the casual ping-bomb away, unless he spoofed, and
hopefully your routers would catch this )
Using what you have done below, is a way to "discover" all of the machines on
your own net (I think too, it should be your own subnet, but that's JMHO)
Like you demo'd some manufac's Unices will answer, other's will not.
( Whether this is RFC compliant, or not, we won't go into here, - sometimes
RFC's just get in the way of true progress ) ;)
>
> [bbn@carlsberg ~] ping 192.38.212.255
> PING 192.38.212.255 (192.38.212.255): 56 data bytes
> 64 bytes from 192.38.212.114: icmp_seq=0 ttl=64 time=20.1 ms
> 64 bytes from 192.38.212.10: icmp_seq=0 ttl=64 time=20.5 ms (DUP!)
> 64 bytes from 192.38.208.80: icmp_seq=0 ttl=255 time=20.8 ms (DUP!)
>
Now, think about what you do to your network, when 254 machines respond!
(watch your ethernet hub --better yet, watch a sniffer's spikes on lan
utilization when you do this..remember bandwidth is a precious thimg(tm)

>
> Now we have asked our DHCP server to reserve 192.38.212.255, 192.38.213.255
> and 192.38.214.255 becouse the people who got these addresses had great
> trouple. But I would like to know if this is a bug, or if it is in general
> forbidden to use address ending in .255?
Not "expressly" verboten, but not a real good idea(tm) based on the historical meaning
of the number "255" meaning "everybody"

>
> Baldur
It may be worthwhile to note that AIX silently ignores ICMP broadcasts altogether.
( maybe a good idea? ) <-- definitely cuts down on ignorant useage of the network's
bandwidth.
Nor is it a good thing to ping x.x.x.0
Want to bring a net of machines which DO answer ICMP b'casts to it's knees?
If your netmask is 255.255.255.0 Do "ping -f x.x.x.255"
To make a point, I can knock all of my machines which run SparcLinux into a
watchdog reset (VERY UGLY) by doing just this: ping -f 10.255.255.255
( Kernel 2.0.30 running on a SPARC )
Maybe the kernel gods might give us a configurable /proc/net option to silently
ignore ICMP b'cast? :)

Robert Manning
robertm@teklords.com

Next message: Alan Cox: "Re: SOCK_PACKET again.."
Previous message: DAVID BALAZIC: "Re: Are IP addresses where the last byte is 255 invalid?"
Maybe in reply to: Baldur Norddahl: "Are IP addresses where the last byte is 255 invalid?"