RE: RFC 1918 filtering on ISP Edge router

From: Kenneth Wygand (KWygand@customonline.com)
Date: Mon Apr 26 2004 - 04:13:04 GMT-3


Anna, Carlos,

The range is 169.254.x.x/24 and is considered "Automatic IP Addressing".
What happens is if a DHCP request goes out from a client and no DHCP
server can be reached, the client randomly assigns itself one of the
65534 (2^16 - 2) possible addresses from this range. The advantage of
"Automatic IP Addressing" is that you can set up a small flat network
with no DHCP server because Automatic IP Addressing will automatically
and randomly assign clients IP addresses WITHIN THE SAME NETWORK.

This "feature" is not specific to Microsoft, although since every MS
operating system since the initial release of Windows 98 supports this
feature, it's clearly the _largest_ implementation of the feature, so
it's not surprising many documents reference this range as the
"Microsoft" range. I'm not sure if *nix clients support this
functionality, although it is an open standard defined in RFC3330.

As pointed out by Jacques, RFC3330 states:

<snip>
169.254.0.0/16 - This is the "link local" block. It is allocated for
   communication between hosts on a single link. Hosts obtain these
   addresses by auto-configuration, such as when a DHCP server may not
   be found.
</snip>

Here is a link to a brief explanation on how this feature works:

http://www.duxcw.com/faq/network/autoip.htm

Here is a link to Microsoft's implementation of Automatic IP Addressing:

http://support.microsoft.com/support/kb/articles/Q220/8/74.ASP

Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
Network+, A+
Custom Computer Specialists, Inc.
"The only unattainable goal is the one not attempted."
-Anonymous

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jacques Eding
Sent: Sunday, April 25, 2004 2:49 PM
To: cmarchini@signetdiagnostic.com; annu_roopa@yahoo.com
Cc: ccielab@groupstudy.com
Subject: RE: RFC 1918 filtering on ISP Edge router

Check this rfc,

ftp://ftp.rfc-editor.org/in-notes/rfc3330.txt

Jacques
ccnp/ccdp/ccisp

-----Original Message-----
    From: "Carlos Marchini"<cmarchini@signetdiagnostic.com>
    Sent: 25-4-04 20:27:18
    To: "annu_roopa@yahoo.com"<annu_roopa@yahoo.com>
    Cc: "ccielab@groupstudy.com"<ccielab@groupstudy.com>
    Subject: FW: RFC 1918 filtering on ISP Edge router
    
    If I am not mistaken they are talking about the 127.0.0.1 address or as
    Microsoft calls it localhost address. I don't know if the 169.0.254.0
    address is a Microsoft registered address. I think this is a DHCP reserved
    address not specific to Microsoft.
    
    What I wonder is if we are supposed to block all the 127.0.0.0
    0.255.255.255 network or only the 127.0.0.1 0.0.0.0 address? And what
    does Cisco consider a Microsoft registered address? (Maybe both
    127.x.x.x and 169.0.254.x network)
    
    Does anyone know a good Cisco link for this subject?
    
    Thanks,
    Carlos
    
    
    Annu Roopa wrote:
    
>Kenneth and group,
>
>Thanks to all who took time to answer and clarify my doubts. I have another
>Q on the same topic which went unanswered. I would like to know what are
>MSoft reserved addresses which I see keep getting mentioned in Documents and
>on Gstudy.
>
>I think the only reserved MS address is the one when IP does not get
>allocated to a MS device by DHCP and it chooses 169.0.254.1. Is this address
>right or are there ANY other addresses I should be aware of? Unfortunately I
>am not very Msoft savvy but would be eager to know of any document or URL
>which discusses this.
>
>Thanks again,
>Annu
>
>
>
>Kenneth Wygand <KWygand@customonline.com> wrote:
>
>Anna,
>
>Please read below. All this information is in the original document,
>Router Security Configuration Guide published by SNAC and NSA. I'd attach the
>document but Groupstudy doesn't accept attachments, so you can download the
>document from the following link:
>
>http://nsa2.www.conxion.com/cisco/download.htm
>
><snip>
>
>IP Address Spoof Protection
>
>The filtering suggestions in this sub-section are applicable to border
>routers, and most interior routers. With backbone routers, it is not always
>feasible to define inbound and outbound.
>
>Inbound Traffic
>
>Do not allow any inbound IP packet that contains an IP address from the
>internal network (e.g., 14.2.6.0), any local host address (1

[Message truncated. Tap Edit->Mark for Download to get remaining
portion.]
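
The wildcard-mask question raised in the thread (127.0.0.0 0.255.255.255 versus 127.0.0.1 0.0.0.0) can be checked directly. The Python below is an added example, not part of the original thread or of the Router Security Configuration Guide: it derives the Cisco wildcard mask for the RFC 3330 loopback and link local blocks and the RFC 1918 private blocks, evaluates an ACL entry the way a wildcard match works, and prints inbound deny entries. The ACL number 100, the function names and the sample source addresses are assumptions made for illustration.

```python
import ipaddress

# Source blocks named in the thread: loopback and link local from RFC 3330,
# plus the three RFC 1918 private blocks from the subject line.
BLOCKS = {
    "127.0.0.0/8": "loopback",
    "169.254.0.0/16": "link local",
    "10.0.0.0/8": "private",
    "172.16.0.0/12": "private",
    "192.168.0.0/16": "private",
}

def wildcard(cidr):
    """Cisco wildcard mask for a CIDR block (the inverted netmask)."""
    return str(ipaddress.ip_network(cidr).hostmask)

def entry_matches(src, base, wild):
    """Evaluate one ACL entry: bits set in the wildcard are ignored,
    every other bit of src must equal the corresponding bit of base."""
    s, b, w = (int(ipaddress.IPv4Address(x)) for x in (src, base, wild))
    return ((s ^ b) & ~w & 0xFFFFFFFF) == 0

def classify(src):
    """Return the label of the block that contains src, or None."""
    addr = ipaddress.ip_address(src)
    for cidr, label in BLOCKS.items():
        if addr in ipaddress.ip_network(cidr):
            return label
    return None

def acl_lines(number=100):
    """Inbound deny entries in extended ACL syntax (ACL number is assumed)."""
    lines = []
    for cidr in BLOCKS:
        base = ipaddress.ip_network(cidr).network_address
        lines.append(f"access-list {number} deny ip {base} {wildcard(cidr)} any")
    return lines

if __name__ == "__main__":
    print("\n".join(acl_lines()))
    # Constructed sample sources, including the addresses asked about above.
    for src in ("127.0.0.1", "127.44.3.2", "169.254.17.9", "169.0.254.1", "172.31.0.5"):
        print(f"{src:15} {classify(src)}")
```

An entry written as 127.0.0.1 0.0.0.0 matches only that single host, so a spoofed source such as 127.44.3.2 is caught only by the 0.255.255.255 form.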



This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:55 GMT-3