10-21-2005 09:17 AM
Our security guy is telling me that I might have a misconfiguration on one of my AS5300 servers, a netmask misconfiguration? His concern is that it's looking for a class B broadcast and not a class C broadcast that it should be looking for.
Any suggestion?
TIA
10-22-2005 01:16 AM
Can you post the config?
11-14-2005 07:08 AM
11-14-2005 07:43 AM
Eric
I have looked at the config that you posted and I do not see an issue. But I admit that I do not understand your original message and what the supposed issue would be about subnet masks and broadcast addresses. Both of the Ethernet interfaces are in class B network address space and both are configured with /24 (class C) subnetting. I do not see any issue about this.
Perhaps you can clarify - or ask your security person to clarify - what the concern is. Because at this point I do not see anything out of the ordinary.
HTH
Rick
11-15-2005 06:08 AM
Workstations assigned addresses from the pool appear to be searching for the broadcast address of the Class B (xx.xx.255.255) instead of the broadcast of the Class C (xx.xx.xx.255).
TIA
Eric
11-15-2005 07:58 AM
Eric
I see the point better now. I do not think that it is much to be worried about, especially since these workstations are connected via PPP connections in which the broadcast address is not a particularly useful concept. These are not workstations on an LAN where addresses are assigned by DHCP (though functionally it is quite similar) in which broadcast packets are functional. Any broadcast from these workstations (no matter whether it is 144.96.153.255 or it is 144.96.255.255) will go only to the 5300 which will decide what to do with it.
And I do not think that you have a misconfiguration. I have several 5350s (very similar to your 5300s) at a customer site. I have a similar configuration with a class B address, subnetted with /24, and with a dial pool as part of the subnet which is on one of the interfaces. I checked and the workstations are being assigned an address with a 255.255.0.0 mask. I am not aware of any configuration option to specify the mask differently as it is assigned to the workstation.
In a practical sense I am not sure that there is a problem. If a client sends a request to 144.96.255.255 it should get to the 5300 and the 5300 should not forward it anywhere since it is the network broadcast and routers do not typically forward the network broadcast.
HTH
Rick
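An added example, not part of any poster's reply or config: a short Python check that derives the classful (natural) mask a dial-in client would infer from its assigned address and labels observed destination addresses as the /24 subnet broadcast or the class B network broadcast. The client address 144.96.153.20 and the list of observed destinations are constructed for illustration; only the two broadcast addresses come from the thread.

```python
import ipaddress

def classful_prefix(ip):
    """Prefix length of the natural (classful) network for an IPv4 address."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    if first_octet < 128:
        return 8    # class A
    if first_octet < 192:
        return 16   # class B
    if first_octet < 224:
        return 24   # class C
    raise ValueError(f"{ip} is class D/E and has no natural mask")

def broadcast(ip, prefix):
    """Directed broadcast address of the network containing ip at this prefix."""
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    return str(net.broadcast_address)

def classify(dst, client_ip, subnet_prefix):
    """Label a destination as seen from a client on the given subnet."""
    if dst == "255.255.255.255":
        return "limited-broadcast"
    if dst == broadcast(client_ip, subnet_prefix):
        return "subnet-broadcast"
    if dst == broadcast(client_ip, classful_prefix(client_ip)):
        return "classful-broadcast"
    return "other"

# Constructed sample: a pool client on the /24 configured on the interface,
# and destination addresses as they might appear in a capture.
CLIENT = "144.96.153.20"
SUBNET_PREFIX = 24
OBSERVED = ["144.96.255.255", "144.96.153.255", "255.255.255.255", "144.96.153.1"]

def summarize(observed=OBSERVED):
    return {dst: classify(dst, CLIENT, SUBNET_PREFIX) for dst in observed}

if __name__ == "__main__":
    print("natural mask for client: /%d" % classful_prefix(CLIENT))
    for dst, kind in summarize().items():
        print(f"{dst:16} {kind}")
```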
11-15-2005 11:17 AM
I also agree with Rick's assessment of the situation.
Out of curiosity, once the hosts connect, how are other network critical values farmed out to the connected hosts, such as the IP addresses of DNS or WINS servers? Do you use DHCP on this network, or do you manually configure these values in the connected hosts?
pw