From owner-freebsd-net@FreeBSD.ORG Wed Feb 11 09:55:20 2015 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 20E6542E for ; Wed, 11 Feb 2015 09:55:20 +0000 (UTC) Received: from smtp-outbound.userve.net (smtp-outbound.userve.net [217.196.1.22]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.userve.net", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A2EE676C for ; Wed, 11 Feb 2015 09:55:19 +0000 (UTC) Received: from owa.usd-group.com (owa.usd-group.com [217.196.1.2]) by smtp-outbound.userve.net (8.14.7/8.14.7) with ESMTP id t1B9t5a3008931 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for ; Wed, 11 Feb 2015 09:55:08 GMT (envelope-from matt.churchyard@userve.net) Received: from SERVER.ad.usd-group.com (192.168.0.1) by SERVER.ad.usd-group.com (192.168.0.1) with Microsoft SMTP Server (TLS) id 15.0.516.32; Wed, 11 Feb 2015 09:55:04 +0000 Received: from SERVER.ad.usd-group.com ([fe80::b19d:892a:6fc7:1c9]) by SERVER.ad.usd-group.com ([fe80::b19d:892a:6fc7:1c9%12]) with mapi id 15.00.0516.029; Wed, 11 Feb 2015 09:55:04 +0000 From: Matt Churchyard To: "freebsd-net@freebsd.org" Subject: RE: Invalid subnet masks Thread-Topic: Invalid subnet masks Thread-Index: AdBF2FIuD1FE1aNwSWOzQAqD5/KpzwAR7UuAABB1eoA= Date: Wed, 11 Feb 2015 09:55:03 +0000 Message-ID: References: <7e069c1946454793b1c7e0be988877c4@SERVER.ad.usd-group.com> In-Reply-To: Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.168.0.10] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2015 09:55:20 -0000 On 2015-2-11, at 09:59, Matt Churchyard wrote: >> Just been helping someone on the forums who appears to have configured t= heir network interface incorrectly. It looks like they've assigned 250.250.= 250.0 as the netmask. > that's not invalid. The netmask is a mask and not a prefix like in IPv6. > We could warn when people configure netmasks that are not contiguous pref= ixes (which is the usual practice), but such configurations need to remain = allowed. >Lars I appreciate that it might be 'valid' as a binary mask, but I'm struggling = to find any documentation anywhere that actually suggests that it's valid a= s a network configuration. The entire modern CIDR notation, and all the rou= ting system & hardware built around it (that shows networks in CIDR form an= d will collapse routes) has no way of dealing with these subnets. Are there actually valid use cases for these types of network? I'm learning towards the opinion that they should be rejected unless the us= er specifically overrides it (with something like an ifconfig flag or sysct= l). Although having said that, it's not really doing any damage letting peo= ple get their netmasks wrong. However, as I mentioned in my first email, Wi= ndows 8.1 (and I've now tested Server 2012 which is fairly common in enterp= rise globally...) will not allow them.