When define a subnet, such as 1.2.3.0/24, it means 255 hosts in the subnet start from 1.2.3.0 to 1.2.3.255.
But what if I wrongly define the subnet with 1.2.3.64/24? Does it then mean the range is start from 1.2.3.64 to 1.2.3.255?
I could not find a formal document about this.
EDIT: in Java ipaddress lib (5.2.1), the 1.2.3.64/24 will be treated as range from 1.2.3.64 to 1.2.3.255, instead of 1.2.3.0 to 1.2.3.255!. The code is: new IPAddressString("1.2.3.64/24").getSequentialRange()
EDIT: My apology: the above description of ipaddress lib's behavior is wrong. It was other things that caused me think the the range become 1.2.3.64 to 1.2.3.255.
Indeed, the
new IPAddressString("1.2.3.64/24").getSequentialRange().getLower()
is 1.2.3.64,
and
new IPAddressString("1.2.3.64/24").getSequentialRange().getUpper()
is also 1.2.3.64,
so I think this is a reasonable implementation!. I have no problem of that.
The
new IPAddressString("1.2.3.64/24").getAddress().toPrefixBlock().getLower()`
will be the expect one: 1.2.3.0.
And the `.getUpper()` is 1.2.3.255.
so this is the perfect way to get correct ip range.
There is no formal specification indicating that setting the un-fixed bits (the host bits) to 0 is a convention. However, it is common practice when describing a subnet as opposed to a single address, that you leave the host bits as zero. It is an informal convention. If you are describing a subnet, why would you set those bits to anything other than zero if they are intended to be ignored? So that is what all network engineers and most other people do, they leave the bits as zero when they are describing the full subnet, when the host can take on any value.
The specification for something like 1.2.3.64/24 is that the network part of the address is the first 24 bits, and the host part of the address is the remaining 8 bits. So, the network is 1.2.3.0 and the host is 0.0.0.64. The specification says nothing else.
Likewise, 1.2.3.0/24 indicates the network is 1.2.3.0 and the host is 0.0.0.0. However, like I said, when the host is 0, that is commonly used to refer to the entire subnet, meaning the host can take on any value. When people write down a string for that subnet of 255 addresses, they will write 1.2.3.0/24.
In fact, it is unusual to see 1.2.3.0 used as a single address because many routers do not accept a host of 0.
How you parse those things is specific to any library. Some libraries parse 1.2.3.64/24 as the whole subnet, throwing out the 0.0.0.64. Some libraries parse 1.2.3.64/24 as 1.2.3.64. Some libraries have separate methods to do one or the other.
With the IPAddress library, the same parser parses both addresses and subnets. When it parses 1.2.3.64/24 or 1.2.3.0/24, the parser needs to decide what you mean by each. For the former, it interprets 1.2.3.64/24 as the address 1.2.3.64 with prefix length 24, because why else is the 0.0.0.64 there at all if you do not intend that 64 to mean something? Why throw it out?
For 1.2.3.0/24, it interprets that as the whole subnet, because, like I said, a host of 0 is commonly used to refer to the entire subnet, and it is rare to use 1.2.3.0 as an address.
However, if you wish to choose some other meaning when parsing those things, the library provides other options.
There is no formal specification for this. In fact, there is no formal specification for a lot of the different aspects of IP addressing, a lot of it is informal and simply evolved over the years to the common practices in use.
new IPAddressString("1.2.3.64/24").getSequentialRange() is parsed as the range "1.2.3.64 -> 1.2.3.64". Earlier versions of the library behaved differently, but that is how all the latest releases for the last few years parse it.
Disclaimer: I am the project manager of that library.
It's interesting because I too can't seem to find any formal specification on why setting the un-fixed bits to 0 is the convention. Looking at RFC 4632 says:
[Classless prefixes] make explicit which bits in a 32-bit IPv4
address are interpreted as the network number (or prefix) associated
with a site and which are the used to number individual end systems
within the site.
Even with the convention of setting the un-fixed bits to 0, you may have CIDR notation that has an IP ending in a non-zero number. For example: 192.168.1.254/31 which represents the range of IPs from 192.168.1.254 to 192.168.1.255.
CIDR notation only specifies the number of bits that are fixed, so even if you put .64 it would appear that the /24 still represents only 24 fixed bits of the IP address.
You can see that the CIDR Calculator from ARIN shows that 1.2.3.64/24 still represents all IP addresses from 1.2.3.0 to 1.2.3.255.
Screenshot here.
Now it may be that different systems are implemented to handle this situation differently, so I would personally follow the convention, but from the perspective of CIDR notation (and what I can seem to find in the RFC) it should still represent the entire range.
Related
The question is really basic, but I could not find reliable sources after googling for a while.
What are the standard ways to indicate subnetworks or network segments as a range of IP addresses?
For instance, the range 1.2.3.0/24 corresponds to the set of IP addresses whose first 3 octets are 1.2.3. I think this could be written as 1.2.3.0-1.2.3.255, if the notation $firstip-$lastip is valid.
Is this notation valid? Would something like 1.2.3.0-255 be valid as well?
I'm interested to both IPv4 and IPv6.
Normally, you don't use ranges, you use CIDR notation.
With CIDR, a suffix /n is used to indicate the length of the network mask. 10.0.0.0/8 represents 10.0.0.0-10.255.255.255 and so on.
Anything else is not really standard and depends on the context. Essentially, you can use any notation that is not ambiguous. I'd accept a range in the last octet or for the full address but nothing in between (like 1.2.3-5.0-255).
With IPv6 there's little necessity to use 'crooked', non-binary ranges due to the vast address space. Just use subnets indicating the prefix length at all times.
I'm refactoring some of my network code due to Apple's guidelines to support full IPv6 networks, and they state one reason for this is that carriers are starting to make the conversion.
When I test with Apple's NAT64 network, I see IPv4 addresses coming in mapped to IPv6 in the form:
64:ff9b::xxxx:yyyy
Based on the NAT64 spec, it seems there are other possibilities, but I am not sure if these are ever used.
I'm hoping that I can just assume the above format, but I would like to know what NAT64 mapping styles other phone carriers are using.
EDIT: I omitted an important detail from my original question - that I need to do some filtering based on IPv4 ranges in certain scenarios. So I need to be able to convert IPv6 to IPv4 for the addresses where that is possible.
There are many ways. Don't assume anything. Query the DNS64 and use what you get. Everything else will break.
This was one task I had as homework I just can't seem to understand. And my teacher is having a hard time explaining it to class. So here I am:
The problem:
What is the subnet mask of following host-address range? 99.224.0.1 - 99.239.255.254
My solution (or as far as I got)
First i wrote down the IPs in binary:
99.224.0.1
01100011.11100000.00000000.00000001
99.239.255.254
01100011.11101111.11111111.11111110
What I know is this is a A class network. And I thought it must have something to do with the difference in the bits, so I started to compare. (highest first)
01100011.11101111.11111111.11111110
01100011.11100000.00000000.00000001 (diff)
-----------------------------------
00000000.00001111.11111111.11111111
I ignored the last bit, because of the network / broadcast address.
Now I can turn it around and have my subnet mask?:
11111111.11110000.00000000.00000000
255.240.0.0
My question is: Is my approach correct? Is there an easier way to do it (by hand, or calc)?
If I'm very far from the correct way to do it, could someone help me understand?
Thanks for any help.
Your answer is correct, except that classful addresses don't exist anymore. The internet moved to Classless Inter-Domain Routing (CIDR) in 1993 so your terminology is a bit outdated ;)
IP networking these days works with routing prefixes. A prefix is a range of IP addresses defined by the first address in that range and the number of fixed bits at the start of the address. Your example shows this nicely.
Your example range is 99.224.0.1 - 99.239.255.254. Actually it is 99.224.0.0 - 99.239.255.255 because when used on a subnet the first and last addresses are reserved (but still part of the subnet and prefix).
The first address in the prefix we already have: 99.224.0.0. You can see the prefix length from your binary calculation (slightly modified):
01100011.11101111.11111111.11111111
01100011.11100000.00000000.00000000
----------------------------------- (xor)
00000000.00001111.11111111.11111111
----------------------------------- (not)
11111111.11110000.00000000.00000000
Just count the number of 1s at the beginning: 12. So your prefix is 99.224.0.0/12. This prefix covers all addresses that match 01100011.1110****.********.********.
When writing the prefix length down as a subnet mask you indeed get 255.240.0.0.
A little off-topic here because it is about networking and not about the algorithm to calculate the subnet mask, but maybe helpful: an example of how you can plan network addressing:
Lets say that for my office building I get IP addresses 192.0.2.0/24 (that is 192.0.2.0 - 192.0.2.255, subnet mask 255.255.255.0, 256 addresses). I need 50 addresses for servers, 100 addresses for employee devices and 40 addresses for guests.
Because addressing works with prefixes everything you get is a power of 2. If you use a /24 you have a prefix with 256 addresses. The full address is 32 bits, the first 24 are fixed so you have 8 bits left to use. 28 = 256. If you use a /25 you have a prefix 128 addresses, a /26 has 64 addresses etc.
That way you can also split up a prefix. 192.0.2.0/24 can be split up into 192.0.2.0/25 and 192.0.2.128/25. And those can be split again and again until you have a prefix that covers only a single address: a /32.
back to the example. To get (at least) 50 addresses for the servers I need to round up to the next power of 2. That is 26 = 64. To have that many addresses I need a /26 prefix. For the client devices I need to round up to 128 (27) so we need a /25. For the guests the next power of 2 is 64 (26) so a /26.
So we need to split up out /24 into a /25 and two /26s. One possible solution is:
Client devices: 192.0.2.0/25
Servers: 192.0.2.128/26
Guests: 192.0.2.192/26
Once we configure these subnets on our devices the first and last address of each subnet become special (the network and broadcast address) so we can use these ranges for our devices:
Client devices: 192.0.2.1 - 192.0.2.126
Servers: 192.0.2.129 - 192.0.2.190
Guests: 192.0.2.193 - 192.0.2.254
I'm trying to make a list of all MAC addresses that are reserved, do not exist, should not be used, should only be used locally etc. (Just like the list of reserved IP-addresses on Wikipedia, but for MAC.) Basically I want to loop over all MAC-addresses from a switch and filter out the "real" ones.
This page suggests all addresses starting with 00-00-5E or 01-00-5E are reserved, but when I look them up it seems like 00-00-5E is also assigned to the Information Sciences Institute (part of a university in California).
So 2 questions:
1) Is there any place I can find a list of reserved MAC-adresses?
2) What's up with 00-00-5E? Is only part of that range reserved, or is there some reason they assigned it to ISI?
I was just looking into this myself recently. I believe that the IANA (which you refer to in one of your links) will give the most authoritative answer: IANA Ethernet Number Assignments
I don't think that this means that these addresses can never be used though. According to RFC5342, Section 2.1
"The 2**8 unicast identifiers from 00-00-5E-00-00-00 through 00-00-5E-00-00-FF are reserved and require IESG Ratification for allocation (see Section 5.1)."
So basically, it appears you need special permission from IESG (Internet Engineering Steering Group) to get an address in that range, which I suppose the ISI has obtained somehow.
Section 2.1 of RFC5342 deals with 48-Bit MAC Identifiers and OUIs, and it doesn't make any mention of any address ranges that are strictly forbidden or permanently reserved from what I've understood.
The following OUI are reserved as per RFC 5342:
OUI 01:00:5E:(00:00:00-7f:ff:ff) - Used for IPV4 Multicast and MLPS Multicast.
OUI 00:00:5E:(00:01:00 – 00:01:FF) - Used for Virtual Router Redundancy Protocol (VRRP) IPV4
OUI 00:00:5E:(00:02:00 – 00:02:FF) - Used for Virtual Router Redundancy Protocol (VRRP) IPV6
OUI 33:33:00 – 33:33:FF - Reserved for IPV6 Multicast
OUI CF:00:00 – CF:FF:FF - Reserved by IANA for PPP(Point to Point Protocol)
OUI 00:00:5E (00:00:00 - 00:00:FF) - Requires IESG Ratification for allocation.
Was looking into this myself.. I know it's been a while since the post was active.. but I found these to be ok to use locally:
x2-xx-xx-xx-xx-xx
x6-xx-xx-xx-xx-xx
xA-xx-xx-xx-xx-xx
xE-xx-xx-xx-xx-xx
Source: https://honeywellaidc.force.com/supportppr/s/article/Locally-Administered-MAC-addresses
The registration authority for MAC addresses is the IEEE. It hands out OUIs (Organizationally Unique Identifiers), which give you a three byte prefix, and 2^24 addresses within it, for a fee (currently 2 995USD). You also get the rights to the corresponding multicasts, which have the prefix with the lowest bit of the first byte set. For instance, 00:80:C2 is allocated to the IEEE 802.1 committee, which uses 01:08:C2:00:00:00 for Spanning tree.
So, there isn't really a list of reserved addresses. There is a list of OUIs that have been allocated, unless the buyer has paid (a lot) extra for privacy. You can use any address that has the local bit set freely. A tiny fraction of multicast addresses have a significant meaning because heavyweights like IEEE, Cisco, IANA assign meanings to them. From the IEEE registration point of view, there is no particular significance to these blocks (except possibly to those it has allocated to itself).
Now, how did the 01-00-5E range end up allocated to the Information Sciences Institute? The simple
answer is that they paid for it. So, really the question should be 'how did the Internet get to use part of the range allocated to ISI?'. The answer is that the IANA used to be run from an office in ISI: specifically IANA was the legendary Jon Postel
Bottom line: you are on a bit of a fool's errand. You can distinguish local addresses and multicast addresses, and make some attempt to tie up allocated unicast addresses to vendor blocks. And you can probably do a bit more with well-known multicast addresses but only by tracking down individudal vendor's documentation (IANA is obviously an important one but only definitive for 1 of the 2^22 available blocks). One of the best places to start is probably the Wireshark codebase.
A normal mask for example; 255.255.255.0
this gives us 1111 1111.1111 1111.1111 1111.0000 0000 binary where ones represent network id, and zeroes represent host id.
Would it be possible to use a layout which doesn't have all ones to the left and zeroes to the right?
example: 170.170.170.170
or 10101010.10101010.10101010.10101010 in binary.
Maybe just one additional bit at the end?
11111111.11111111.11111111.00000001 or 255.255.255.1
Maybe reverse the whole mask?
0.255.255.255
Of course you would have to use the specified id-type for the (by the mask) specified place.
As far as I know, subnetting is defined in RFC 950, which says the following:
Since the bits that identify the subnet are specified by a bitmask, they need not be adjacent in the address. However, we recommend that the subnet bits be contiguous and located as the most significant bits of the local address.
Using the most significant bits to identify the subnet is mostly a practical choice to simplify everyday operations—such as figuring out a network or host address—without having to make complex calculations.
That said, just because the RFC says that you could use non-contiguous masks, that doesn't necessarily mean that there are devices out there that support it.