While it is often great sport to poke at MS, did you consider that this might have nothing to do with classfullness or CIDR? I believe you will find that 0 & -1 are invalid for whatever netmask the windows stack is given. You might also find that some 'features' are mitigation for exploits that existed at one time (possibly long before some of the thread participants were in high school). The fact that other OS's support an inverted state is not necessarily a reason to change the Windows behavior. Be very aware that it is much easier to sit in judgment than it is to actually provide support for the technically clueless masses. Also be aware that exploits are targeted where they will have the most impact, so the fact that someone is not taking advantage of a niche OS is a point in time phenomena. Long before Windows shipped, the target of that period was the various flavors of Unix. Tony
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Jonathan McDowell Sent: Sunday, June 27, 2004 2:45 AM To: nanog@nanog.org Subject: Re: The use of .0/.255 addresses.
On Sat, Jun 26, 2004 at 07:41:17PM -0400, Chris Ranch wrote:
I see traffic from this last IP address octet all the time from prefixes of length less than /24. Use of these host id's when the prefix length is greater than or equal to /24 is illegal. So if that's your case, I'd suggest not doing it.
It's from a /24 assignment, but is actually being used for tunnel endpoints, so there seemed to be no reason not to use the .0 address.
If that's not the case, look for over-zealous or incorrect filters in the path. I saw this situation once before. There was a border ingress filter with a typo in it...
I spent a long time looking for each filters, and watching traffic leave our network but not receiving any replies, while traceroutes would work just fine.
As Peter points out, it's from what would have been Class C space, so it looks like I'm getting bitten by the Windows stuff. All 3 sites I mentioned as not being accessible are running under Windows according to Netcraft.
J.
-- Revd. Jonathan McDowell, ULC | I don't know. I'm a dog.