koitsu
Premium
join:2002-07-16
Mountain View, CA
| Last octet 255 bug on Windows?
I'm sure I'm going to get a bunch of follow-ups lecturing me on netmasks despite my comprehension of them being quite decent, so I'll do my best to cover my bases while explaining the problem. 
An acquaintence of mine happens to manage a network as part of 202.83.176.0/21. The network, as far as what I've been told, is not subnetted into smaller blocks (that is, they do not split the network into separate /24s or otherwise). Heck, even if it was, it shouldn't matter (from my end).
The issue is that he's receiving reports of random Internet people not being able to reach 202.83.176.255 (ICMP echo, TCP port 80, or TCP port 8022). By "random" I mean he receives occasional mentions of it, but hasn't managed to figure out why those individuals have issues. I was baffled, thus offered to help.
I found that from my own LAN (192.168.1.0/255), my FreeBSD box has no problem pinging 202.83.176.255 or reaching either of the aforementioned TCP ports.
However, from my Windows XP box on the same LAN, packets never even make it out of the IP stack. I've sniffed using Wireshark on the Windows box, and packets aren't going out the wire. My local gateway also sees no such packets. Another acquaintence of mine (in Canada somewhere I believe) sees the same from his Windows machine.
Other addresses like 202.83.176.253 (to TCP port 80) work just fine from both BSD and Windows. It's as if Windows makes some blind assumption that any address ending in 255 is a broadcast address, rather than taking into consideration the local netmask.
There's apparently a history with the Windows IP stack doing retarded things when it comes to the last octet being 255, but according to the KB article, it only applies to Windows 98 and locally bound IP addresses (or something -- the KB article reads very badly and is vague):
»support.microsoft.com/kb/238727
There's a couple references I've found mentioning this problem, but none were conclusive; just lots of "I've seen on Windows..." and a forum post mentioning Cisco loopback addresses ending in 255 not playing well with Windows. But loopback is its own beast; I'm talking about publicly routed IP space here.
Does anyone here have something conclusive they can point me to documenting this problem? The workaround is pretty obvious (do not use addresses ending in 255), but the implications of that workaround should be obvious.
Thanks.
--
Making life hard for others since 1977. |
|
PetePuma
How many lumps do you want
Premium,MVM
join:2002-06-13
Arlington, VA
| I hate to confirm that you appear to be right.
I tested this first on my home FIOS network. My Linux box on that network has no trouble reaching or rendering 202.83.176.255.
A Win2k box on the same network will fail immediately.
I also tried this on my XP Pro box at the office, with the same results as 2k.
There's no commonality amongst security software or firewalls on the 2 windows boxes, so I think this is a Windows-level thing. And frankly I'm quite surprised.
This article seems to indicate this is true:
»articles.techrepublic.com.com/51···906.html
"Specifically, Windows NT and 2000 do not allow the use of the X.X.X.255 or X.X.X.0 IP addresses. (For more information on this, see Microsoft Knowledge Base Article 281579.) Because the available hosts for this range of addresses will exceed our requirements, the loss of these few addresses will not be an issue."
KB 281579: »support.microsoft.com/kb/281579 seems to confirm this. |
|
DaSneaky1D
one wall to block them all
Premium,MVM
join:2001-03-29
The Lou | reply to koitsu
Confirmed again.
Linux = OK
XP = Not OK |
|
Da Geek Kid
join:2003-10-11
Mclean, VA
| reply to koitsu
that's been well known, BS MS TCPIP... This was one of the reasons we used to make fun of people taking MS TCP/IP test for MCSE... NT/2k and xp, and highly possible that vista won't work either...
They call this an advance TCP/IP feature...  |
|
Paulg
Displaced Yooper
Premium
join:2004-03-15
Neenah, WI
clubs: | reply to koitsu
works in vista. |
|
Da Geek Kid
join:2003-10-11
Mclean, VA | reply to koitsu
I would have someone else verify that... I hate to believe that MS actually fixed something... |
|
Edwin Groothuis
@on.net
 from:
koitsu 
| reply to koitsu
»www.mavetju.org/weblog/html/00174.html
^-- found out what was the cause: strange classfull stack filtering. |
|
manfmmd
Premium
join:2003-01-14
Earth
clubs: | reply to Paulg
Also works on my Vista Laptop, but not my WinXP Laptop. |
|
Devanchya
Smile
Premium
join:2003-12-09
Ajax, ON
 ·Bell Sympatico
| reply to koitsu
See, Vista does not totally suck:
--
»www.codecipher.com - Marking the way to tomorrow's solutions |
|
redhatnation
Premium
join:2005-06-02
Woodbridge, VA
 ·Comcast
| reply to koitsu
Works on a friggin Mac too:
$ ping 202.83.176.255
PING 202.83.176.255 (202.83.176.255): 56 data bytes
64 bytes from 202.83.176.255: icmp_seq=0 ttl=46 time=294.230 ms
64 bytes from 202.83.176.255: icmp_seq=1 ttl=46 time=289.899 ms
^C
--- 202.83.176.255 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 289.899/292.065/294.230/2.166 ms |
|
panda
Visualize Whirled Peas
join:2000-01-08
Danvers, MA
| reply to koitsu
Using my XP Pro laptop, I cannot ping but I can tracert;
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\NextStep>ping 202.83.176.255
Pinging 202.83.176.255 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 202.83.176.255:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\Documents and Settings\NextStep>tracert 202.83.176.255
Tracing route to www.mavetju.org [202.83.176.255]
over a maximum of 30 hops:
1 1 ms 2 ms 1 ms 192.168.1.2
2 39 ms 24 ms 26 ms 10.9.95.1
3 38 ms 24 ms 26 ms at-1-1-0-1714.CORE-RTR1.BOS.verizon-gni.net [130
.81.9.225]
4 41 ms 26 ms 25 ms so-0-2-0-0.BB-RTR1.BOS.verizon-gni.net [130.81.2
0.84]
5 43 ms 27 ms 26 ms 0.so-5-2-0.XL1.BOS4.ALTER.NET [152.63.19.129]
6 114 ms 102 ms 99 ms 0.so-3-0-0.IL1.SAC1.ALTER.NET [152.63.48.37]
7 113 ms 98 ms 98 ms 0.so-2-0-0.IR1.SAC2.ALTER.NET [152.63.48.34]
8 305 ms 306 ms 306 ms so-5-0-0.XT1.SYD2.ALTER.NET [210.80.33.233]
9 329 ms 306 ms 306 ms so-3-2-0.GW5.SYD2.ALTER.NET [210.80.33.58]
10 430 ms 306 ms 306 ms barnet2-syd-gw.aspac.customer.alter.net [221.133
.215.62]
11 328 ms 306 ms 307 ms to-internet.hs2-bd8806.int.barnet.com.au [202.83
.178.178]
12 330 ms 306 ms 409 ms to-hs2.sjh-bd8806.int.barnet.com.au [202.83.178.
185]
13 329 ms 306 ms 409 ms nat2.barnet.com.au [202.83.178.242]
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
Strange...
--
"[He] couldn't get a clue if he stripped naked, rubbed himself with clue musk, went to the middle of the clue breeding grounds at the height of clue breeding season when it was full of horny clues and did the clue mating dance for days." |
|
trog
join:2001-03-25
Scarborough, ON
·Rogers Hi-Speed
| Might this be related to the XP parameter UseZeroBroadcast
Documentation on this states:
UseZeroBroadcast
Key: Tcpip\Parameters\Interfaces\ID for Adapter
Value Type: REG_DWORD - Boolean
Valid Range: 0 or 1 (False or True)
Default: 0 (False)
Description: If this parameter is set to 1 (True), the IP will use zeros-broadcasts (0.0.0.0) instead of ones-broadcasts (255.255.255.255). Most computers use ones-broadcasts, but some computers that are derived from BSD implementations use zeros-broadcasts. Computers that use different broadcasts do not interoperate well on the same network.
Peter |
|
gilligun
Shipwrecked
Premium
join:2002-11-22
Denver, CO | reply to koitsu
Windows 2000 Professional SvcPk 4.....fail
Thru Sam Spade ........fail
--
Why do I have long hair?? It covers my bald spot! |
|
a8965
@cox.net | reply to Devanchya
he said ping was fine, TCP doesn't work... try again with telnet (not that I can find an open port)
until TCP is confirmed I call Vista is broken as well |
|
koitsu
Premium
join:2002-07-16
Mountain View, CA
| reply to trog
said by trog :Might this be related to the XP parameter UseZeroBroadcast Documentation on this states: UseZeroBroadcast Key: Tcpip\Parameters\Interfaces\ID for Adapter Value Type: REG_DWORD - Boolean Valid Range: 0 or 1 (False or True) Default: 0 (False) Description: If this parameter is set to 1 (True), the IP will use zeros-broadcasts (0.0.0.0) instead of ones-broadcasts (255.255.255.255). Most computers use ones-broadcasts, but some computers that are derived from BSD implementations use zeros-broadcasts. Computers that use different broadcasts do not interoperate well on the same network. Peter A good guess, but I think that's for very (repeat: VERY) old network configurations where broadcast traffic used to be sent across an all-zero address (e.g. x.x.x.0/24) instead of an all-ones address (e.g. x.x.x.255/24).
For comparison, I believe on Lucent/Livingston Portmasters, this is referred to as having a "high" (all ones) or "low" (zero) broadcast address. The default is "low", but the Portmaster does this out of paranoia/concern for very old OSes, where the broadcast was all zeros. On all of my Portmasters, I have to do a `set ether0 broadcast high` for broadcast traffic to work. Cross-reference:
»www.stat.ufl.edu/system/man/port···.fm.html
--
Making life hard for others since 1977. |
|
Edwin Groothuis
@on.net | reply to a8965
You can try port 5666. It will immediately close, but it will show you if the TCP connection works with Vista. |
|
OZO
Premium
join:2003-01-17
| reply to koitsu
My Ethereal (v.0.10.14) on WXP Pro SP2 shows me that ICMP packets ("ping" command) are sent and received. At the same time I'm getting output from the "ping" command: Request timed out.
So, problem seems to be not in sending requests, but rather in interpreting replies. That, BTW, explains why we can tracert to up to this IP (but not the IP).
--
Keep it simple, it'll become complex by itself... |
|
manfmmd
Premium
join:2003-01-14
Earth
clubs:
| reply to koitsu
Seems like there are a few open ports:
|
|
therube
join:2004-11-11
Randallstown, MD
| reply to koitsu
Interesting (to me at least), I was checking out this Ping/Tracert/Lookup/... Tool,
eToolz, & I was able to successfully DNS, Ping, Trace, Whois from my XP Home system, though a HTTP-Header check returned, "Server not reachable!". |
|
Da Geek Kid
join:2003-10-11
Mclean, VA
| reply to redhatnation
said by redhatnation :Works on a friggin Mac too: $ ping 202.83.176.255 PING 202.83.176.255 (202.83.176.255): 56 data bytes 64 bytes from 202.83.176.255: icmp_seq=0 ttl=46 time=294.230 ms 64 bytes from 202.83.176.255: icmp_seq=1 ttl=46 time=289.899 ms ^C --- 202.83.176.255 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 289.899/292.065/294.230/2.166 ms Mac uses BSD TCP/IP and hence it MUST work... if it doesn't than it must be a user error  |
|
