[45207] in North American Network Operators' Group
Re: traffic filtering
daemon@ATHENA.MIT.EDU (E.B. Dreger)
Tue Jan 22 12:06:02 2002
Date: Tue, 22 Jan 2002 17:04:36 +0000 (GMT)
From: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
To: Stephen Griffin <stephen.griffin@rcn.com>
Cc: Walter Klomp <walter@swiftech.net.sg>, jes@nl.demon.net,
nanog@merit.edu
In-Reply-To: <200201221648.LAA21988@elektra.ultra.net>
Message-ID: <Pine.LNX.4.20.0201221655170.30645-100000@www.everquick.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
> Date: Tue, 22 Jan 2002 11:48:52 -0500 (EST)
> From: Stephen Griffin <stephen.griffin@rcn.com>
> In the referenced message, Walter Klomp said:
> > As far as I know .0 and .255 are network and broadcast addresses
> > respectively, NEVER should a workstation be configured on these addresses,
> > unless something drastically changed in the RFC's for IPv4 which I am not
> > aware of...
CIDR
> only on a /24. on /0 - /23 only the first .0 is network, and the last
> .255 broadcast. on /25-/30 it depends on where the network begins and
> ends. /31 has no directed broadcast. /32 is a single host and similarly
> has no directed broadcast.
Or, put another way: Do the addresses in binary. Then convert
to dotted quad.
> > I for one am filtering .0 and .255 at my border routers, and also rate
> > limiting echo at a reasonable rate... and have never gotten a complaint
> > about people not being able to reach or be reached...
Ughh. Take 10.0.0.0/22: What is 10.0.0.255? How about 10.0.1.0?
Misconfiguration like this is why I (and others) recommend not
using ...0 or ...255 addresses, even if valid.
As you (Stephen) pointed out, what about 172.16.16.16/29? The
smurf amplifiers there would be 172.16.16.16 and 172.16.16.23.
In incomplete C:
    uint32_t ip_addr ;
    uint32_t netmask ; /* assume that it's valid */

    if ( 0 == (ip_addr & ~netmask) )
        this_is_all_0s ;
    if ( ~netmask == (ip_addr & ~netmask) )
        this_is_all_1s ;
Eddy
---------------------------------------------------------------------------
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
---------------------------------------------------------------------------
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@brics.com>
To: blacklist@brics.com
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT
send mail to <blacklist@brics.com>, or you are likely to be blocked.
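
Added example, not part of the original message or thread: the mask-aware test sketched in the message above, completed into runnable C and set beside a last-octet-only filter so the addresses named in the thread can be compared. The helper names (ip4, prefix_to_mask, classify, naive_filter_drops) are hypothetical, and addresses are assumed to be in host byte order.

```c
/* Added example; helper names are hypothetical, addresses are host byte order. */
#include <stdint.h>
#include <stdio.h>
enum addr_kind { ADDR_HOST, ADDR_NETWORK, ADDR_BROADCAST };

static uint32_t ip4(uint32_t a, uint32_t b, uint32_t c, uint32_t d)
{
    return (a << 24) | (b << 16) | (c << 8) | d;
}

/* Prefix length 0..32 to netmask; a 32-bit shift by 32 is undefined, so /0 is special. */
static uint32_t prefix_to_mask(unsigned prefix_len)
{
    return prefix_len == 0 ? 0 : ~(uint32_t)0 << (32 - prefix_len);
}

/* The two tests from the message, plus the /31 and /32 cases from the quoted
   text: those prefixes have no directed broadcast, so every address is a host. */
static enum addr_kind classify(uint32_t ip_addr, unsigned prefix_len)
{
    uint32_t hostmask = ~prefix_to_mask(prefix_len);
    if (prefix_len >= 31)
        return ADDR_HOST;
    if ((ip_addr & hostmask) == 0)
        return ADDR_NETWORK;
    if ((ip_addr & hostmask) == hostmask)
        return ADDR_BROADCAST;
    return ADDR_HOST;
}

/* The last-octet-only border filter from the quoted text (.0 and .255). */
static int naive_filter_drops(uint32_t ip_addr)
{
    return (ip_addr & 0xff) == 0 || (ip_addr & 0xff) == 0xff;
}

int main(void)
{
    /* Constructed cases: the addresses named in the thread. */
    struct { uint32_t ip; unsigned len; } t[] = {
        { ip4(10, 0, 0, 255), 22 }, { ip4(10, 0, 1, 0), 22 },
        { ip4(172, 16, 16, 16), 29 }, { ip4(172, 16, 16, 23), 29 },
    };
    static const char *name[] = { "host", "network", "broadcast" };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("%08x/%u: %s, last-octet filter %s\n", (unsigned)t[i].ip, t[i].len,
               name[classify(t[i].ip, t[i].len)], naive_filter_drops(t[i].ip) ? "drops" : "passes");
    return 0;
}
```

The last-octet filter drops 10.0.0.255 and 10.0.1.0, which are ordinary hosts in 10.0.0.0/22, and passes 172.16.16.16 and 172.16.16.23, the network and broadcast addresses of the /29.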