traffic filtering
Joe Abley
jabley at automagic.org
Tue Jan 22 20:50:56 UTC 2002
On Tue, Jan 22, 2002 at 01:57:07PM -0600, J.F. Noonan wrote:
>
> On Tue, 22 Jan 2002 at 12:34pm Joe Abley wrote:
>
> > On Mon, Jan 21, 2002 at 05:53:16PM -0500, Stephen Griffin wrote:
> > > I'm curious about how many networks completely filter all traffic to
> > > any ip address ending in either ".0" or ".255".
> >
> > I heard recently that Windows 2000 will refuse to send packets
> > to addresses with the least-significant octet 255, if the most-
> > significant octet indicates the address lies in a pre-CIDR class
> > C. So, for example, 192.168.0.255 would be unreachable from a
> > windows 2000 machine, regardless of the fact that it might be
> > a legitimate host numbered within 192.168.0.0/23.
>
> Not true. M$ is guilty of many evil things, but not this one.

I just tried this. This is not exhaustive. I may well have made
some kind of screw-up. Interpret as you will. Contents may
have settled in transit.

  NetBSD 1.5.2 i386   FreeBSD 4.5-PRERELEASE
     |                         |
  ---+------------+------------+----
                  |
              Win2k SP3

I configured the following addresses:

  NetBSD: 192.168.0.1/23, 192.168.0.255/23
  FreeBSD: 192.168.0.20/23
  Win2k: 192.168.0.30/23

FreeBSD box can ping 192.168.0.1. FreeBSD box can ping 192.168.0.255.

NetBSD box can ping 192.168.0.20. NetBSD box can ping 192.168.0.30
(tcpdump shows the NetBSD box is using a source of 192.168.0.1 for
these pings).

Win2k box can ping 192.168.0.1. Win2k box can ping 192.168.0.20.

Win2k cannot ping 192.168.0.255:

  C:\>ping 192.168.0.255
  Pinging 192.168.0.255 with 32 bytes of data:
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Ping statistics for 192.168.0.255:
  Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 0ms, Average = 0ms
  C:\>

NetBSD box is receiving the requests, however, and replying to them.
tcpdump shows:

  15:30:39.753003 192.168.0.20 > 192.168.0.255: icmp: echo request
  15:30:39.753307 192.168.0.255 > 192.168.0.20: icmp: echo reply
  15:30:41.228742 192.168.0.20 > 192.168.0.255: icmp: echo request
  15:30:41.229053 192.168.0.255 > 192.168.0.20: icmp: echo reply
  15:30:42.230249 192.168.0.20 > 192.168.0.255: icmp: echo request
  15:30:42.230555 192.168.0.255 > 192.168.0.20: icmp: echo reply
  15:30:43.231735 192.168.0.20 > 192.168.0.255: icmp: echo request
  15:30:43.232046 192.168.0.255 > 192.168.0.20: icmp: echo reply

So, the Windows box seems to behave differently when dealing with
the particular address ending in 255 that I tried.

I guess the rule of thumb when numbering devices which need to
coexist with Windows is "avoid 255".

Joe
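
The case tested above, 192.168.0.255 as a usable host inside 192.168.0.0/23, can be checked for across a whole address plan. This is an added example, not part of the original post; the function names, the category labels and the three extra addresses in the sample plan are assumptions made for illustration.

```python
import ipaddress

def classful_prefix(addr):
    """Pre-CIDR prefix length implied by the first octet (None for class D/E)."""
    first = int(addr) >> 24
    if first < 128:
        return 8      # class A
    if first < 192:
        return 16     # class B
    if first < 224:
        return 24     # class C
    return None

def audit(interface):
    """Classify one configured address given as 'a.b.c.d/len'."""
    iface = ipaddress.IPv4Interface(interface)
    addr, net = iface.ip, iface.network
    # Network/broadcast address of the prefix actually configured
    # (/31 and /32 have neither).
    if net.prefixlen < 31 and addr in (net.network_address, net.broadcast_address):
        return "cidr-reserved"
    # Usable host under CIDR that sits on the edge of its old classful network.
    plen = classful_prefix(addr)
    if plen is not None:
        old = ipaddress.IPv4Interface(f"{addr}/{plen}").network
        if addr in (old.network_address, old.broadcast_address):
            return "classful-edge"
    # Usable host that only a blanket ".0"/".255" filter would catch.
    if (int(addr) & 0xFF) in (0, 255):
        return "last-octet-edge"
    return "ok"

def audit_plan(plan):
    """Map each address in an address plan to its classification."""
    return {entry: audit(entry) for entry in plan}

# Constructed plan: the four addresses from the test above plus three extra cases.
PLAN = [
    "192.168.0.1/23", "192.168.0.255/23", "192.168.0.20/23", "192.168.0.30/23",
    "192.168.1.0/23", "192.168.1.255/23", "10.0.1.255/16",
]

if __name__ == "__main__":
    for entry, verdict in audit_plan(PLAN).items():
        print(f"{entry:20} {verdict}")
```

Addresses reported as "classful-edge" are the ones the "avoid 255" rule of thumb applies to; "last-octet-edge" addresses are only affected by blanket filtering of ".0" and ".255".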