Home page logo

nanog logo nanog mailing list archives

Re: SMURF amplifier block list
From: jlixfeld () idirect ca
Date: Fri, 17 Apr 1998 15:32:35 -0400 (EDT)

Anyone mind sharing that conversation?

On Wed, 15 Apr 1998, James R. Cutler wrote:

:I now understand the confusion -- You are speaking of the
:dotted decimal representation of the 32 bit IP address without
:regard to masking.  I am speaking of the masked address which
:results in a (mask length) network number part and a 
:(32 - mask length) host number.  This means you think of
:address components as octets (bytes) and I think of the 
:effective network number and the effective host number, the
:sizes of which are determined only by the mask. 
:Or another way to this is that the routers and hosts do not
:see the dotted notation except in the configuration dialogs.
:Internal to the routing processes the effective network
:number determines the routing between subnets and a broadcast
:address is any address where the host number is all ones.
:Another way to look at this is to say you are thinking about
:IP addressing in a "classful" manner whilst I am speaking in
:a "classless" manner. Believe me, the transition from classful 
:to classless thinking in IP addressing is not an easy thing. 
:None of the RFCs are simple to understand.
:So, I guess I'm not in trouble after all.
:       JimC
:At 8:49 PM -0400 4/14/98, Jay R. Ashworth wrote:
:>On Tue, Apr 14, 1998 at 04:52:06PM -0400, James R. Cutler wrote:
:>> I have a B assignment.  I have switched infrastructure segments
:>> with /22 masking.  Do you mean to say that the host number
:>> range on each /22 masked segment is not continuous 1 through 1022,
:>> but has several holes instead.? The network seems to be working
:>> properly.  I may be in big trouble!
:>> None of my TCP/IP courses or books or Cisco CDs have prepared me for 
:>> such a surprise.  Please point me to a text which will explain this.  
:>None of my study of TCP in the past 5 years has prepared me for the
:>idea that someone might think that any component of an IP address might
:>be greater than 255.  They're decimal representations of _8 bit_
:>No matter _where_ the net/subnet break is, you _still_ _write_ them as
:>Yes, conceptually, you might _read_ the addresses that way, but I'm 
:>pretty sure that not one piece of equipment you own will let you
:>_write_ them that way, will they?
:>Now, to get back to the conversation at hand: the proposition was that
:>blocking ingress to addresses ending in .255 makes it much more
:>difficult for your network to be used as a "smurf amplifier" (and if
:>you don't know what that is, you haven't been following the discussin
:>(and links) on this list in the last month or 3).
:>Yes, if you have internal networks larger than a /24, then that means
:>you'll lose extra addresses if you do this.
:>The point is that if you _don't_ avoid using host addresses that end in
:>.255 _whether that address is a broadcast address based on your netmask
:>or not_, then you're likely to find yourself with hosts that either can't
:>talk, or can't be talked _to_.
:>Now have I made myself clear?
:>-- jra
:>Jay R. Ashworth                                                jra () baylink com
:>Member of the Technical Staff             Unsolicited Commercial Emailers Sued
:>The Suncoast Freenet      "Two words: Darth Doogie."  -- Jason Colby,
:>Tampa Bay, Florida             on alt.fan.heinlein             +1 813 790 7592
:>Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com
:James R. Cutler
:EDS , 800 Tower Drive, Troy, MI 48098
:Phone: +1 248 265 7514   FAX: +1 248 265 7514
:EDS Internal Web: <http://www.iscg.eds.com/cutler/>
:World Wide Web: <http://www.ltu.edu/midecus/dechtm/cutler/cutler.htm>


Jason A. Lixfeld             jlixfeld () idirect ca
iDirect Network Operations   jlixfeld () torontointernetxchange net

TUCOWS Interactive Ltd. o/a  | "A Different Kind of Internet Company"
Internet Direct Canada Inc.  | "FREE BANDWIDTH for Toronto Area IAPs"
5415 Dundas Street West      | http://www.torontointernetxchange.net
Suite 301, Toronto Ontario   | (416) 236-5806        (T)
M9B-1B5 CANADA               | (416) 236-5804        (F)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]