Re: traffic filtering

["Matthew S. Hallacy" <poptix () techmonkeys org>]

On Tue, Jan 22, 2002 at 05:04:36PM +0000, E.B. Dreger wrote:
> Ughh.  Take 10.0.0.0/22: What is 10.0.0.255? How about 10.0.1.0?
>
> Misconfiguration like this is why I (and others) recommend not
> using ...0 or ...255 addresses, even if valid.
[snip]

A quick look on IRC provides this:

146.172.78.255 ti511220a080-0255.bb.online.no
61.211.184.255 255.net061211184.t-com.ne.jp
24.127.52.255 we-24-127-52-255.we.mediaone.net
217.156.28.255 217.156.28.255
172.190.251.255 ACBEFBFF.ipt.aol.com
24.129.205.0 24.129.205.0
158.39.125.0 pc5000.ikt.ssin.no
146.172.31.0 ti121210a080-0768.bb.online.no
148.64.142.0 vsat-148-64-142-0.c7.sb7.mrt.starband.net
146.172.33.0 ti100710a080-0256.bb.online.no
66.110.162.0 adsl-66.110.162-0.globetrotter.net
146.172.33.0 ti100710a080-0256.bb.online.no
172.189.1.0 ACBD0100.ipt.aol.com

Granted, it's a small sample, but it proves that these [valid] addresses are
in widespread use, they do work, and there's no real reason to not use them..
Filtering on *.255 and *.0 won't catch the other broadcast/network addresses
on different subnet masks, and you wouldn't have to filter at all if the network
we properly configured =)

> Eddy

-- 
Matthew S. Hallacy                               CACU, PWGCS, and BOFH Certified
http://techmonkeys.org/~poptix                         GPG public key 0x01938203