nanog mailing list archives
Re: traffic filtering
From: Joe Abley <jabley () automagic org>
Date: Tue, 22 Jan 2002 15:50:56 -0500
On Tue, Jan 22, 2002 at 01:57:07PM -0600, J.F. Noonan wrote:
On Tue, 22 Jan 2002 at 12:34pm Joe Abley wrote:On Mon, Jan 21, 2002 at 05:53:16PM -0500, Stephen Griffin wrote:I'm curious about how many networks completely filter all traffic to any ip address ending in either ".0" or ".255".I heard recently that Windows 2000 will refuse to send packets to addresses with the least-significant octet 255, if the most- significant octet indicates the address lies in a pre-CIDR class C. So, for example, 192.168.0.255 would be unreachable from a windows 2000 machine, regardless of the fact that it might be a legitimate host numbered within 192.168.0.0/23.Not true. M$ is guilty of many evil things, but not this one.
I just tried this. This is not exhaustive. I may well have made some kind of some screw-up. Interpret as you will. Contents may have settled in transit. NetBSD 1.5.2 i386 FreeBSD 4.5-PRERELEASE | | ---+------------+------------+---- | Win2k SP3 I configured the following addresses: NetBSD: 192.168.0.1/23, 192.168.0.255/23 FreeBSD: 192.168.0.20/23 Win2k: 192.168.0.30/23 FreeBSD box can ping 192.168.0.1. FreeBSD box can ping 192.168.0.255. NetBSD box can ping 192.168.0.20. NetBSD box can ping 192.168.0.30 (tcpdump shows the NetBSD box is using a source of 192.168.0.1 for these pings). Win2k box can ping 192.168.0.1. Win2k box can ping 192.168.0.20. Win2k cannot ping 192.168.0.255: C:\>ping 192.168.0.255 Pinging 192.168.0.255 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.0.255: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms C:\> NetBSD box is receiving the requests, however, and replying to them. tcpdump shows: 15:30:39.753003 192.168.0.20 > 192.168.0.255: icmp: echo request 15:30:39.753307 192.168.0.255 > 192.168.0.20: icmp: echo reply 15:30:41.228742 192.168.0.20 > 192.168.0.255: icmp: echo request 15:30:41.229053 192.168.0.255 > 192.168.0.20: icmp: echo reply 15:30:42.230249 192.168.0.20 > 192.168.0.255: icmp: echo request 15:30:42.230555 192.168.0.255 > 192.168.0.20: icmp: echo reply 15:30:43.231735 192.168.0.20 > 192.168.0.255: icmp: echo request 15:30:43.232046 192.168.0.255 > 192.168.0.20: icmp: echo reply So, the Windows box seems to behave differently when dealing with the particular address ending in 255 that I tried. I guess the rule of thumb when numbering devices which need to coexist with Windows is "avoid 255". Joe
Current thread:
- Re: traffic filtering, (continued)
- Re: traffic filtering Jake Khuon (Jan 21)
- Re: traffic filtering Stephen Griffin (Jan 21)
- Re: traffic filtering John Kristoff (Jan 21)
- Re: traffic filtering Stephen Griffin (Jan 21)
- Re: traffic filtering Jim Segrave (Jan 22)
- Re: traffic filtering Avleen Vig (Jan 21)
- Re: traffic filtering Joe Abley (Jan 22)
- Re: traffic filtering E.B. Dreger (Jan 22)
- Re: traffic filtering J.F. Noonan (Jan 22)
- Re: traffic filtering J.F. Noonan (Jan 22)
- Re: traffic filtering Joe Abley (Jan 22)
- Re: traffic filtering Jay Ford (Jan 24)
- Re: traffic filtering Stephen J. Wilcox (Jan 24)
- Re: traffic filtering Niels Bakker (Jan 27)
- Re: traffic filtering E.B. Dreger (Jan 22)
- Re: traffic filtering Matthew S. Hallacy (Jan 23)