Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: traffic filtering

  • From: Joe Abley
  • Date: Tue Jan 22 15:55:49 2002

On Tue, Jan 22, 2002 at 01:57:07PM -0600, J.F. Noonan wrote:
> On Tue, 22 Jan 2002 at 12:34pm Joe Abley wrote:
> > On Mon, Jan 21, 2002 at 05:53:16PM -0500, Stephen Griffin wrote:
> > > I'm curious about how many networks completely filter all traffic to
> > > any ip address ending in either ".0" or ".255".
> >
> > I heard recently that Windows 2000 will refuse to send packets
> > to addresses with the least-significant octet 255, if the most-
> > significant octet indicates the address lies in a pre-CIDR class
> > C. So, for example, would be unreachable from a
> > windows 2000 machine, regardless of the fact that it might be
> > a legitimate host numbered within
> Not true.  M$ is guilty of many evil things, but not this one.

I just tried this. This is not exhaustive. I may well have made
some kind of some screw-up. Interpret as you will. Contents may
have settled in transit.

  NetBSD 1.5.2 i386         FreeBSD 4.5-PRERELEASE
    |                         |
               Win2k SP3

I configured the following addresses:


FreeBSD box can ping FreeBSD box can ping
NetBSD box can ping NetBSD box can ping
(tcpdump shows the NetBSD box is using a source of for
these pings).

Win2k box can ping Win2k box can ping
Win2k cannot ping


  Pinging with 32 bytes of data:

  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.

  Ping statistics for
      Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
  Approximate round trip times in milli-seconds:
      Minimum = 0ms, Maximum =  0ms, Average =  0ms


NetBSD box is receiving the requests, however, and replying to them.
tcpdump shows:

  15:30:39.753003 > icmp: echo request
  15:30:39.753307 > icmp: echo reply
  15:30:41.228742 > icmp: echo request
  15:30:41.229053 > icmp: echo reply
  15:30:42.230249 > icmp: echo request
  15:30:42.230555 > icmp: echo reply
  15:30:43.231735 > icmp: echo request
  15:30:43.232046 > icmp: echo reply

So, the Windows box seems to behave differently when dealing with
the particular address ending in 255 that I tried.

I guess the rule of thumb when numbering devices which need to
coexist with Windows is "avoid 255".


Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.