On 9/14/20 2:25 PM, Andrey Khomyakov wrote:
TL;DR I suspect there are middle boxes that don't like IPs ending in .255. Anyone seen that?
Yes. We'd every so often get random complaints that "my friend can't reach my website but I can", etc., with not enough detail to track it down. The problem would disappear when we moved it to another IP address.
Because of this, we stopped allocating customer websites on .0 and .255 IP addresses about 10 years ago, instead using them for internal / controlled access purposes where we could investigate any problems. (Which never occur. <shrug>)
We have started using .0 and .255 again in the past two years more or less. here is what one NAS shows 26 .255 users and 21 .0 users asr1006-jn1#sh user | count \.255$ Number of lines which match regexp = 26 asr1006-jn1#sh user | count \.0$ Number of lines which match regexp = 21 We do occasionally have to change an IP but it is rare and for the most part things just work. This is much different to 10 years ago where it was impossible to use them and we needed to exclude them from our pools. A plus, it is kind of fun when a super consultant calls and says he can't use a broadcast/network address for nat or a vpn endpoint. Brian