The use of .0/.255 addresses.

Stephen J. Wilcox steve at telecomplete.co.uk
Sun Jun 27 13:29:18 UTC 2004


On Sat, 26 Jun 2004, Jon Lewis wrote:

> 
> On Sat, 26 Jun 2004, Tony Li wrote:
> 
> > The .255 address is very likely to be a broadcast address from a
> > netblock of /24 or longer.  I would suspect that folks are wary of
> > accepting packets from a broadcast address as that could easily be a
> > smurf. The .0 address was used as a broadcast address long ago and then
> > was deprecated, so the same rationale probably applies.
> 
> I have a case where this is currently biting me.  I've got a few small
> blocks of address space that I've chopped up into /32's for router
> loopback IPs.  These are in /24's which have been subnetted with various
> sized customer subnets and then a /27 or so worth of router loopback
> /32's.  One in particular is:
> 
> interface Loopback0
>  ip address 209.208.6.255 255.255.255.255

Hi Jon,
 I currently have a few .255/32s with Cisco and Foundry products and have
various windows/linux/OSX machines that access them without problems..

> I found some time ago that my home DSL connected network could not reach
> (telnet, ping, etc.) that router's loopback.  Our monitoring system could,
> and several iBGP peers could, so I didn't notice the issue until one night
> when trying to do some work from home.

I could see the problem with DSL's where the provider may be interfering.. 
surprised about your monitoring tho...

> What I've found is that one of our routers (7206 doing T1/DSL aggregation
> running 12.1T)  has .255 issues.  Yes, it does have ip subnet-zero & ip
> classless in the config.  What's really odd is, from that 7206, I can
> traceroute to 209.208.6.255, but if I ping 209.208.6.255 from it, I get
> replies from another 209.208.6.x address on a connected T1 customer's CPE,
> as if the ping was sent out as a broadcast ping.

that looks really interesting. be curious as to how it gets forwarded across 
to CPE box to get the reply at all (even if it confuses the broadcast, surely 
you have directed broadcast disabled on 7206 + CPE)?

Steve

> 
> #sh ip ro 209.208.6.255
> Routing entry for 209.208.6.255/32
>   Known via "ospf 1", distance 110, metric 20, type extern 2, forward
> metric 4
>   Last update from 209.208.16.29 on FastEthernet0/0.1, 00:46:47 ago
>   Routing Descriptor Blocks:
>   * 209.208.16.29, from 209.208.6.255, 00:46:47 ago, via FastEthernet0/0.1
>       Route metric is 20, traffic share count is 1
> 
> #ping 209.208.6.255
> 
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 209.208.6.255, timeout is 2 seconds:
> 
> Reply to request 0 from XXXXXXXXXX (209.208.6.xyz), 68 ms
> Reply to request 1 from XXXXXXXXXX (209.208.6.xyz), 68 ms
> Reply to request 2 from XXXXXXXXXX (209.208.6.xyz), 68 ms
> Reply to request 3 from XXXXXXXXXX (209.208.6.xyz), 68 ms
> Reply to request 4 from XXXXXXXXXX (209.208.6.xyz), 68 ms
> 
> I suppose I'll give up on using the .255 IP, but I've not been looking
> forward to changing that as it means redoing half a dozen BGP peerings.


> 
> ----------------------------------------------------------------------
>  Jon Lewis                   |  I route
>  Senior Network Engineer     |  therefore you are
>  Atlantic Net                |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
> 




More information about the NANOG mailing list