funny ip problem

Barry Margolin barmar at bbnplanet.com
Thu Apr 6 17:39:57 UTC 2000


In article <000001bf9fc9$36946140$0d7fc6d4 at cybercable.fr>,
Howard W Wortley <howardw at loki.net> wrote:
>We have in one city a co-located server with a class C set of addresses.
>This works fine except that from one cable provider every fourth address
>cannot be reached. From any other provider there is no problem. The cable
>operator says he has no fault. Any ideas?
>
>eg.	x.x.x.142	no good
>	x.x.x.143	ok
>	x.x.x.144	ok
>	x.x.x.145	ok
>	x.x.x.146	no good ... and so on
>
>I don't think it is a DNS problem as using tracert the ip adress get

So why did you post it to a DNS-related newsgroup?

>resolved to the host name ok ... but the connection cannot be reached. As
>the DNS is on the same server as the unreachable ip connection I am
>mystified. As I said it only happens to hosts connecting through this
>particular cable company's cable which hands out DHCP addresses. As it is
>every fourth address I imagine it is some kind of routing problem.

This sounds to me like someone messed up a packet filter.  I think I could
easily create a Cisco packet filter that blocks every address that's a
multiple of 2 but not of 4, as in your example:

access-list ## permit x.x.x.4 0.0.0.249
access-list ## deny   x.x.x.2 0.0.0.253
access-list ## permit x.x.x.0 0.0.0.255

That seems like an unlikely ACL, though.  Maybe your example was wrong, as
a simpler ACL would block just the addresses that are multiples of 4:

access-list ## deny   x.x.x.4 0.0.0.248
access-list ## permit x.x.x.0 0.0.0.255

-- 
Barry Margolin, barmar at genuity.com
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.



More information about the bind-users mailing list