North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: The use of .0/.255 addresses.

  • From: Tony Hain
  • Date: Mon Jun 28 14:44:07 2004

While it is often great sport to poke at MS, did you consider that this
might have nothing to do with classfullness or CIDR? I believe you will find
that 0 & -1 are invalid for whatever netmask the windows stack is given. You
might also find that some 'features' are mitigation for exploits that
existed at one time (possibly long before some of the thread participants
were in high school). The fact that other OS's support an inverted state is
not necessarily a reason to change the Windows behavior. Be very aware that
it is much easier to sit in judgment than it is to actually provide support
for the technically clueless masses. Also be aware that exploits are
targeted where they will have the most impact, so the fact that someone is
not taking advantage of a niche OS is a point in time phenomena. Long before
Windows shipped, the target of that period was the various flavors of Unix.

Tony

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of
> Jonathan McDowell
> Sent: Sunday, June 27, 2004 2:45 AM
> To: [email protected]
> Subject: Re: The use of .0/.255 addresses.
> 
> 
> On Sat, Jun 26, 2004 at 07:41:17PM -0400, Chris Ranch wrote:
> > I see traffic from this last IP address octet all the time from
> > prefixes of length less than /24.  Use of these host id's when the
> > prefix length is greater than or equal to /24 is illegal.  So if
> > that's your case, I'd suggest not doing it.
> 
> It's from a /24 assignment, but is actually being used for tunnel
> endpoints, so there seemed to be no reason not to use the .0 address.
> 
> > If that's not the case, look for over-zealous or incorrect filters in
> > the path.  I saw this situation once before.  There was a border
> > ingress filter with a typo in it...
> 
> I spent a long time looking for each filters, and watching traffic leave
> our network but not receiving any replies, while traceroutes would work
> just fine.
> 
> As Peter points out, it's from what would have been Class C space, so it
> looks like I'm getting bitten by the Windows stuff. All 3 sites I
> mentioned as not being accessible are running under Windows according to
> Netcraft.
> 
> J.
> 
> --
> Revd. Jonathan McDowell, ULC | I don't know. I'm a dog.