North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: The use of .0/.255 addresses.
On Sat, 26 Jun 2004, Jon Lewis wrote: > > On Sat, 26 Jun 2004, Tony Li wrote: > > > The .255 address is very likely to be a broadcast address from a > > netblock of /24 or longer. I would suspect that folks are wary of > > accepting packets from a broadcast address as that could easily be a > > smurf. The .0 address was used as a broadcast address long ago and then > > was deprecated, so the same rationale probably applies. > > I have a case where this is currently biting me. I've got a few small > blocks of address space that I've chopped up into /32's for router > loopback IPs. These are in /24's which have been subnetted with various > sized customer subnets and then a /27 or so worth of router loopback > /32's. One in particular is: > > interface Loopback0 > ip address 188.8.131.52 255.255.255.255 Hi Jon, I currently have a few .255/32s with Cisco and Foundry products and have various windows/linux/OSX machines that access them without problems.. > I found some time ago that my home DSL connected network could not reach > (telnet, ping, etc.) that router's loopback. Our monitoring system could, > and several iBGP peers could, so I didn't notice the issue until one night > when trying to do some work from home. I could see the problem with DSL's where the provider may be interfering.. surprised about your monitoring tho... > What I've found is that one of our routers (7206 doing T1/DSL aggregation > running 12.1T) has .255 issues. Yes, it does have ip subnet-zero & ip > classless in the config. What's really odd is, from that 7206, I can > traceroute to 184.108.40.206, but if I ping 220.127.116.11 from it, I get > replies from another 209.208.6.x address on a connected T1 customer's CPE, > as if the ping was sent out as a broadcast ping. that looks really interesting. be curious as to how it gets forwarded across to CPE box to get the reply at all (even if it confuses the broadcast, surely you have directed broadcast disabled on 7206 + CPE)? Steve > > #sh ip ro 18.104.22.168 > Routing entry for 22.214.171.124/32 > Known via "ospf 1", distance 110, metric 20, type extern 2, forward > metric 4 > Last update from 126.96.36.199 on FastEthernet0/0.1, 00:46:47 ago > Routing Descriptor Blocks: > * 188.8.131.52, from 184.108.40.206, 00:46:47 ago, via FastEthernet0/0.1 > Route metric is 20, traffic share count is 1 > > #ping 220.127.116.11 > > Type escape sequence to abort. > Sending 5, 100-byte ICMP Echos to 18.104.22.168, timeout is 2 seconds: > > Reply to request 0 from XXXXXXXXXX (209.208.6.xyz), 68 ms > Reply to request 1 from XXXXXXXXXX (209.208.6.xyz), 68 ms > Reply to request 2 from XXXXXXXXXX (209.208.6.xyz), 68 ms > Reply to request 3 from XXXXXXXXXX (209.208.6.xyz), 68 ms > Reply to request 4 from XXXXXXXXXX (209.208.6.xyz), 68 ms > > I suppose I'll give up on using the .255 IP, but I've not been looking > forward to changing that as it means redoing half a dozen BGP peerings. > > ---------------------------------------------------------------------- > Jon Lewis | I route > Senior Network Engineer | therefore you are > Atlantic Net | > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ >