RE: Ping the subnet address

From: Tom Martin (tig@wiltecinc.com)
Date: Fri Jul 02 2004 - 11:55:01 GMT-3

• Next message: Guilherme Correia: "RE: Ping the subnet address"
• Previous message: Kenneth Wygand: "RE: Ping the subnet address"
• Maybe in reply to: Guilherme Correia: "Ping the subnet address"
• Next in thread: Guilherme Correia: "RE: Ping the subnet address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,

You didn't include any excerpts from your packet capture, but I
recreated the scenario using "debug ip packet" instead of using a packet
capture. When you ping the all-zeroes or all-ones broadcast address, the
pinging router actually sends packets out to destination
255.255.255.255, not the IP that you specified!

Sending router debug output:

r2#ping 192.168.12.0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.0, timeout is 2 seconds:

Mar 15 02:48:12.975: IP: s=192.168.12.2 (local), d=255.255.255.255
(FastEthernet0), len 100, sending broad/multicast
Mar 15 02:48:12.979: IP: s=192.168.12.1 (FastEthernet0), d=192.168.12.2
(FastEthernet0), len 100, rcvd 3
Reply to request 0 from 192.168.12.1, 4 ms
Mar 15 02:48:14.975: IP: s=192.168.12.2 (local), d=255.255.255.255
(FastEthernet0), len 100, sending broad/multicast
Mar 15 02:48:14.979: IP: s=192.168.12.1 (FastEthernet0), d=192.168.12.2
(FastEthernet0), len 100, rcvd 3
Reply to request 1 from 192.168.12.1, 4 ms
Mar 15 02:48:16.975: IP: s=192.168.12.2 (local), d=255.255.255.255
(FastEthernet0), len 100, sending broad/multicast
Mar 15 02:48:16.979: IP: s=192.168.12.1 (FastEthernet0), d=192.168.12.2
(FastEthernet0), len 100, rcvd 3
Reply to request 2 from 192.168.12.1, 4 ms
Mar 15 02:48:18.975: IP: s=192.168.12.2 (local), d=255.255.255.255
(FastEthernet0), len 100, sending broad/multicast
Mar 15 02:48:18.979: IP: s=192.168.12.1 (FastEthernet0), d=192.168.12.2
(FastEthernet0), len 100, rcvd 3
Reply to request 3 from 192.168.12.1, 4 ms
Mar 15 02:48:20.975: IP: s=192.168.12.2 (local), d=255.255.255.255
(FastEthernet0), len 100, sending broad/multicast
Mar 15 02:48:20.979: IP: s=192.168.12.1 (FastEthernet0), d=192.168.12.2
(FastEthernet0), len 100, rcvd 3
Reply to request 4 from 192.168.12.1, 4 ms
r2#

Confirmation that 255.255.255.255 is the destination, output from the
receiving router:

r1#
*Mar 1 00:30:00.339: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, rcvd 2
*Mar 1 00:30:00.339: IP: s=192.168.12.1 (local), d=192.168.12.2
(Ethernet1/0),len 100, sending
*Mar 1 00:30:02.339: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, rcvd 2
*Mar 1 00:30:02.339: IP: s=192.168.12.1 (local), d=192.168.12.2
(Ethernet1/0),len 100, sending
*Mar 1 00:30:04.339: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, rcvd 2
*Mar 1 00:30:04.339: IP: s=192.168.12.1 (local), d=192.168.12.2
(Ethernet1/0),len 100, sending
*Mar 1 00:30:06.339: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, rcvd 2
*Mar 1 00:30:06.339: IP: s=192.168.12.1 (local), d=192.168.12.2
(Ethernet1/0),len 100, sending
*Mar 1 00:30:08.339: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, rcvd 2
*Mar 1 00:30:08.339: IP: s=192.168.12.1 (local), d=192.168.12.2
(Ethernet1/0),len 100, sending
r1#

To answer your question on how to stop it (assuming you still want to do
so), just use an access-list. I used:

access-list 100 deny ip any host 255.255.255.255
access-list 100 permit ip any any
interface Ethernet1/0
  ip access-group 100 in

That resulted in failed pings from the sending side and the following
output from the receiving side:

*Mar 1 00:32:05.739: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, access denied
*Mar 1 00:32:07.739: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, access denied
*Mar 1 00:32:09.739: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, access denied
*Mar 1 00:32:11.739: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, access denied
*Mar 1 00:32:13.739: IP: s=192.168.12.2 (Ethernet1/0),
d=255.255.255.255, len 100, access denied

-- Tom

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Guilherme Correia
Sent: Friday, July 02, 2004 9:36 AM
To: ccielab@groupstudy.com
Subject: Ping the subnet address

Hi

I am experiencing this weird issue that when I ping the subnet address,
one
of the routers respond.
For example, when I ping 172.24.18.4 (subnet 172.24.18.4/30) one of the
routers with an interface on the subnet responds:

7204-1#ping 172.24.18.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 206.24.18.4, timeout is 2 seconds:

Reply to request 0 from 172.24.18.5, 1 ms
Reply to request 1 from 172.24.18.5, 1 ms
Reply to request 2 from 172.24.18.5, 1 ms
Reply to request 3 from 172.24.18.5, 1 ms
Reply to request 4 from 172.24.18.5, 1 ms

How can I stop this?

TIA

• Next message: Guilherme Correia: "RE: Ping the subnet address"
• Previous message: Kenneth Wygand: "RE: Ping the subnet address"
• Maybe in reply to: Guilherme Correia: "Ping the subnet address"
• Next in thread: Guilherme Correia: "RE: Ping the subnet address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:45 GMT-3