On Thu, 2007-02-22 at 13:58 -0500, Kwan Lowe wrote: > > > An expression of the form 'n.n.n.n/m.m.m.m´ is interpreted as a > > 'net/mask´ pair. An IPv4 host address is matched if 'net´ is equal > > to the bitwise AND of the address and the 'mask´. For example, > > the net/mask pattern '131.155.72.0/255.255.254.0´ matches every > > address in the range '131.155.72.0´ through '131.155.73.255´. > > > > > > Is there any reason why it must be written out as: > > > > 131.155.72.0/255.255.254.0 > > > > ... as opposed to using the shorter version: > > > > 131.155.72.0/23 > > At one point it was possible to create a non-contiguous mask. This would not be > doable with the short / notation. The "short / notation" is called "CIDR" (classless interdomain routing) notation. > I've never actually used a non-contiguous mask, but there's a whole chapter on it in > one of my earlier networking books. I have. It's a nightmare, but unfortunately many Asian ISPs use it to spam. Makes your iptables and firewall rules rather nasty. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens@xxxxxxxxxxxxxxx - - VitalStream, Inc. http://www.vitalstream.com - - - - Any sufficiently advanced technology is indistinguishable from a - - rigged demo. - ----------------------------------------------------------------------
