On Wed, 18 Oct 2000, Micah Cowan wrote:
> On Wed, Oct 18, 2000 at 01:31:16PM -0700, [EMAIL PROTECTED] wrote:
> > 192.0.0.0/255.0.0.0 falls within the 192.0.0.0-223.255.255.255 "Class C"
> > address range which is supposed to use 255.255.255.0 masks, but nobody
> > pays much attention to that in real routing anymore. That is, the
> > InterNIC will probably not assign you more than 256 addresses in a block
> > in that range, but they may assign less and you may elect to subdivide the
> > block you get further for your own routing purposes.
> >
> > By blocking 192.0.0.0/255.0.0.0 you are almost certainly blocking some
> > valid public ip addresses, since the class C private addresses are limited
> > to 256 networks of 256 hosts each, in the range 192.168.x.y. You probably
> > want to deny 192.168.0.0/255.255.255.0.
>
> Untrue. The 255 in 255.0.0.0 locks all 8 bits in the first field,
> which means that it *only* applies to addresses in the 192 network.
> The range would be 192.0.0.0 - 192.255.255.255, not 223.255.255.255.
You misread what I said. Class C is DEFINED to be
192.0.0.0-223.255.255.255, and other than this CONVENTION, has nothing to
do with the masks actually in use. The range that Peter specified happens
to fall within this range, which means using 255.0.0.0 would be a rather
strange thing to do and 255.255.255.0 would be more conventional.
> Still, using the given mask would still potentially block outside
> traffic. But using a filter of 192.168.0.0/255.255.255.0 would
> potentially allow internal traffic from legal internal source IPs
> (such as 192.168.2.45). Use 192.168.0.0/255.255.0.0.
Peter never specified that he planned to use networks of the form
192.168.x.0 for x>0. There are reasons why you might prefer to allow
these other addresses in (makes some traceroutes easier to understand) but
they are not network-breakers. Either 255.255.255.0 or 255.255.0.0 would
be good, but 255.0.0.0 would not.
---------------------------------------------------------------------------
Jeff Newmiller The ..... ..... Go Live...
DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go...
Work:<[EMAIL PROTECTED]> Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/Batteries O.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------
