North American Network Operators Group
Re: traffic filtering
- From: John Kristoff
- Date: Mon Jan 21 18:13:27 2002
Stephen Griffin wrote:
> I'm curious about how many networks completely filter all traffic to
> any ip address ending in either ".0" or ".255".
I've only heard of one other institution doing this.
> I'm curious because any network /0-/23,/31,/32 can legitimately have
> ip addresses in-use which end as such. /32's can obviously have (most) any ip
> address, since there is no notion of a network or broadcast address. /31
> doesn't have a directed broadcast. For /0-/23 only the first ".0" and the
> last ".255" correspond to reserved addresses. All of the intervening
> addresses are legal.
Right. That is exactly why this is generally at least a silly, if not
> Is this type of filtering common? What alternate solutions are available
I don't think it is very common. I'd be curious to hear otherwise.
> to mitigate (I'm assuming) concerns about smurf amplifiers, that still
> allow traffic to/from legitimate addresses. What rationale is used to
Devices that forward (routers) should provide mechanisms to disable the
forwarding of directed broadcasts. See the following RFC:
> filter all traffic to network/broadcast addresses of /24 networks while
> ignoring network/broadcast of /25-/30? For that matter, what percentage
> of smurf amplifiers land on /24 boundaries?
Rationale? Perhaps sites that only use /24 in their route tables have
that rationale? Otherwise it's probably due to a misunderstanding of IP
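
The prefix arithmetic discussed in this message, worked through as an added example that is not part of the original thread: it compares the blanket ".0/.255" filter with the real network and broadcast addresses of a prefix. The function names and the 10.0.x.x sample prefixes are constructed for illustration.

```python
import ipaddress

def role(addr, net):
    """Return 'network', 'broadcast' or 'host' for addr inside net."""
    addr = ipaddress.ip_address(addr)
    net = ipaddress.ip_network(net)
    if addr not in net:
        raise ValueError(f"{addr} is not in {net}")
    # /31 (point-to-point) and /32 have no network or broadcast address.
    if net.prefixlen >= 31:
        return "host"
    if addr == net.network_address:
        return "network"
    if addr == net.broadcast_address:
        return "broadcast"
    return "host"

def blanket_filter_matches(addr):
    """The filter from the thread: last octet is 0 or 255."""
    return (int(ipaddress.ip_address(addr)) & 0xFF) in (0, 255)

def audit(net):
    """Compare the blanket filter with the real reserved addresses of net.

    Returns (hosts_blocked, reserved_missed): legitimate host addresses the
    filter drops, and network/broadcast addresses it lets through.
    Walks every address, so keep the prefix small (constructed samples below).
    """
    net = ipaddress.ip_network(net)
    hosts_blocked, reserved_missed = [], []
    for addr in net:
        kind = role(addr, net)
        hit = blanket_filter_matches(addr)
        if hit and kind == "host":
            hosts_blocked.append(str(addr))
        elif not hit and kind != "host":
            reserved_missed.append(str(addr))
    return hosts_blocked, reserved_missed

if __name__ == "__main__":
    # Constructed sample prefixes: a /22, a /24, a /26 and a /31.
    for n in ("10.0.0.0/22", "10.0.4.0/24", "10.0.5.128/26", "10.0.6.0/31"):
        blocked, missed = audit(n)
        print(f"{n}: hosts blocked={blocked} reserved missed={missed}")
```

Only the /24 comes out clean: the /22 and /31 lose usable host addresses, and the /26's network and broadcast addresses pass the filter untouched.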