[Dshield] Another simple question...

John Groseclose iain at caradoc.org
Sun Oct 28 17:27:56 GMT 2001


At 4:46 PM -0700 10/27/01, Josh Tolley wrote:
>What does the /8, /12, etc. below mean?  I assume subnet, but having
>only used 4 octet notation for subnets, I don't know how to translate
>it.
>
>Josh Tolley
>
><snip>
>The reserved-for-private-use netblocks should be blocked in *both
>directions* (in and out, source and destination) at your boundary:
>10.0.0.0/8
>172.16.0.0/12
>192.168.0.0/24
></snip>

The /12, /24 are the "masks" for CIDR notation.

Good URLs:

http://www2.nolug.org:81/tcp-ip-class/x247.html - teaches CIDR notation
http://logi.cc/nw/NetCalc.php3 - calculates the IP range for you

Using the latter URL, here are two translations for two examples you gave:

User input = "10.0.0.0/8"

NetCalc V1.1a
HostAddr   10.0.0.0            00001010.00000000.00000000.00000000  0x0A000000
NetMask    255.0.0.0           11111111.00000000.00000000.00000000  0xFF000000
NetAddr    10.0.0.0/8          00001010.00000000.00000000.00000000  0x0A000000
First Host 10.0.0.1            00001010.00000000.00000000.00000001  0x0A000001
Last Host  10.255.255.254      00001010.11111111.11111111.11111110  0x0AFFFFFE
Broadcast  10.255.255.255      00001010.11111111.11111111.11111111  0x0AFFFFFF
N Hosts    16777214
0.0.0.10.in-addr.arpa.         IN PTR
0.0.0.10.in-addr.arpa.         IN PTR

User input = "192.168.0.0/24"

NetCalc V1.1a
HostAddr   192.168.0.0         11000000.10101000.00000000.00000000  0xC0A80000
NetMask    255.255.255.0       11111111.11111111.11111111.00000000  0xFFFFFF00
NetAddr    192.168.0.0/24      11000000.10101000.00000000.00000000  0xC0A80000
First Host 192.168.0.1         11000000.10101000.00000000.00000001  0xC0A80001
Last Host  192.168.0.254       11000000.10101000.00000000.11111110  0xC0A800FE
Broadcast  192.168.0.255       11000000.10101000.00000000.11111111  0xC0A800FF
N Hosts    254
0.0.168.192.in-addr.arpa.      IN PTR
0.0.168.192.in-addr.arpa.      IN PTR

To greatly oversimply, the / number can be divided by eight, and then 
you can ignore the numbers in those first octets.

Example: 192.168.0.0/24 - divide 24 by 8 to get 3, so you ignore the 
first three octets, leaving 192.168.0.(0-254).

Example: 10.0.0.0/8 - divide 8 by 8 to get 1, so you ignore the first 
octet, leaving 10.(0-254).(0-254).(0-254).

CIDR notation is very flexible once you understand that the / can be 
followed by any number that masks the correct bits to get the desired 
subnet.

Example:

User input = "64.81.19.208 - 64.81.19.211"

NetCalc V1.1a
Address1   64.81.19.208        01000000.01010001.00010011.11010000  0x405113D0
Address2   64.81.19.211        01000000.01010001.00010011.11010011  0x405113D3
NetMask    255.255.255.252     11111111.11111111.11111111.11111100  0xFFFFFFFC
NetAddr    64.81.19.208/30     01000000.01010001.00010011.11010000  0x405113D0
First Host 64.81.19.209        01000000.01010001.00010011.11010001  0x405113D1
Last Host  64.81.19.210        01000000.01010001.00010011.11010010  0x405113D2
Broadcast  64.81.19.211        01000000.01010001.00010011.11010011  0x405113D3
N Hosts    2
208.19.81.64.in-addr.arpa.     IN PTR
208.19.81.64.in-addr.arpa.     IN PTR

See how it works?
-- 
John Groseclose
iain at caradoc.org




More information about the list mailing list