248.x.x.x is in 'Class E' space which is invalid on the Internet... x.x.255.x are perfectly valid addresses, indeed we have 193.0.255.0/24.. subnet-zero isnt relevant either, this would be for eg a class B using a 255.255.255.0 subnet mask, since we dont bother with classful addressing and we're not talking about the local addressing policy this isnt of relevance. you have some confusion with 'ip route' and acls, these do not fulfill the same purpose.. ip route wont help yuo as that is used to control the route to the destination and that would be your legitimate host. an acl could help tho, you can safely deny 'access-l 100 den ip 240.0.0.0 15.255.255.255 any' to block anything with a similar source address. just in case you get too excited with your acls, dont go arbitrarily blocking other addresses (multicast, bogons, rfc1918 [10.x.x.x, 192.168.x.x] else u may break some stuff!) and just to clarify your problem of how these invalid addresses were 'routed' .. as above packets are routeed based on destination only, you can spoof and put junk in the source and it will still traverse the internet quite legitimately. Steve On Sat, 21 Feb 2004, Geo. wrote:
traceroute to 248.245.255.191, that's what made me think it was invalid.
I did get the answer, I was being stupid and trying to use IP route instead of an acl. Thanks to everyone who replied, even the "nooooooooo" guy.
Geo. (I'm not the cisco guy, I was just the only one working last night)
----- Original Message ----- From: "Bill Woodcock" <woody@pch.net> To: "Geo." <georger@getinfo.net> Cc: <nanog@merit.edu> Sent: Saturday, February 21, 2004 8:03 AM Subject: Re: routing invalid IP addresses
> x.x.255.x isn't a valid IP address > Clue me in?
Clue: it's a valid address.
-Bill