On Sat, 26 Jun 2004, Tony Li wrote:

> The .255 address is very likely to be a broadcast address from a
> netblock of /24 or longer.  I would suspect that folks are wary of
> accepting packets from a broadcast address as that could easily be a
> smurf. The .0 address was used as a broadcast address long ago and then
> was deprecated, so the same rationale probably applies.

I have a case where this is currently biting me.  I've got a few small
blocks of address space that I've chopped up into /32's for router
loopback IPs.  These are in /24's which have been subnetted with various
sized customer subnets and then a /27 or so worth of router loopback
/32's.  One in particular is:

interface Loopback0
 ip address 209.208.6.255 255.255.255.255

I found some time ago that my home DSL connected network could not reach
(telnet, ping, etc.) that router's loopback.  Our monitoring system could,
and several iBGP peers could, so I didn't notice the issue until one night
when trying to do some work from home.

What I've found is that one of our routers (7206 doing T1/DSL aggregation
running 12.1T)  has .255 issues.  Yes, it does have ip subnet-zero & ip
classless in the config.  What's really odd is, from that 7206, I can
traceroute to 209.208.6.255, but if I ping 209.208.6.255 from it, I get
replies from another 209.208.6.x address on a connected T1 customer's CPE,
as if the ping was sent out as a broadcast ping.

#sh ip ro 209.208.6.255
Routing entry for 209.208.6.255/32
  Known via "ospf 1", distance 110, metric 20, type extern 2, forward
metric 4
  Last update from 209.208.16.29 on FastEthernet0/0.1, 00:46:47 ago
  Routing Descriptor Blocks:
  * 209.208.16.29, from 209.208.6.255, 00:46:47 ago, via FastEthernet0/0.1
      Route metric is 20, traffic share count is 1

#ping 209.208.6.255

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.208.6.255, timeout is 2 seconds:

Reply to request 0 from XXXXXXXXXX (209.208.6.xyz), 68 ms
Reply to request 1 from XXXXXXXXXX (209.208.6.xyz), 68 ms
Reply to request 2 from XXXXXXXXXX (209.208.6.xyz), 68 ms
Reply to request 3 from XXXXXXXXXX (209.208.6.xyz), 68 ms
Reply to request 4 from XXXXXXXXXX (209.208.6.xyz), 68 ms

I suppose I'll give up on using the .255 IP, but I've not been looking
forward to changing that as it means redoing half a dozen BGP peerings.

----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Reply via email to