From: Paul Zugnoni [mailto:paul.zugnoni@jivesoftware.com]
Curious whether it's commonplace to find systems that automatically regard .0 and .255 IP addresses (ipv4) as src/dst in packets as traffic that should be considered invalid. When you have a pool of assignable addresses, you should expect to see x.x.x.0 and x.x.x.255 in passing traffic (ie. VIP or NAT pool, or subnets larger than /24). Yet I've run into a commercial IP mgmt product and getting reports of M$ ISA proxy that is specifically blocking traffic for an IP ending in .0 or .255.
Any experience or recommendations? Besides replace the ISA proxy.... Since it's not mine to replace. Also curious whether there's an RFC recommending against the use of .0 or .255 addresses for this reason.
We're a web host and over the past 12 years we've randomly attempted to put non-critical customer sites on .0 and .255 addresses and found customers fairly consistently had problems accessing them. These would typically be sites for development, etc. where the customer was the only one accessing it and even then it has been a high percentage of failures. It is nearly always the customer's small biz / home office cheap-o router that is the issue even in this day and age but occassionally it has been the ISP as well. I haven't kept a list of vendors/isp's unfortunately so I don't have more useful information to offer you other than that it's still a problem. We still use those addresses for that purpose since they'd otherwise go to waste but most of the time it ends up being changed when the customer tries to access it from somewhere and can't. David