Can I use the first IP in a subnet, for instance 192.168.0.0?
-
@Dashrender said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@scottalanmiller said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Dashrender said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
Another fun little tidbit is that when you get to small size network such as /31 (2 IP addresses) then there are no broadcast address and of course no network address. RFC 3021 from year 2000 - for point to point links.
I wonder if Windows 7 for instance would complain in the GUI trying to enter that...
Update: Of course it didn't work in Windows 7 GUI either.
Interesting about the no broadcast addresses - at what point are broadcasts addresses dropped from CIDR notation?
/31
Then the "when you get to a small sized network such as" doesn't really work - that would be a single listed exception, not small size. Hence my question.
Both /31 and /32 have no broadcast address. So two single exceptions in that case.
And the broadcast address is more special than one would imagine because it's not normally used.
There seem to be two main types of L3 IP broadcasts.- Local broadcasts that uses address 255.255.255.255 (only within the subnet)
- Directed broadcast that uses the broadcast address (can be routed)
Directed broadcast however are disabled by default in routers and switches because it's has been abused in DDoS attacks called smurf attacks. The only protocol I could find that might need directed broadcast is WakeOnLan and only when you try to wake up a machine in another subnet.
As a test I tried to ping the broadcast address in a couple of different LANs and I couldn't get a response from anything. If it was enabled I would imagine that all hosts would respond to the ping.
-
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
Both /31 and /32 have no broadcast address. So two single exceptions in that case.
Exactly. One and two usable is where it is so small that it can't. /31 and smaller.
-
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
And the broadcast address is more special than one would imagine because it's not normally used.
I use it manually to light up ARP tables.
-
@scottalanmiller said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
And the broadcast address is more special than one would imagine because it's not normally used.
I use it manually to light up ARP tables.
Exactly how do you mean?
I thought ARP requests used layer 2 broadcast with a special mac address to get IP addresses.
-
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@scottalanmiller said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
And the broadcast address is more special than one would imagine because it's not normally used.
I use it manually to light up ARP tables.
Exactly how do you mean?
I thought ARP requests used layer 2 broadcast with a special mac address to get IP addresses.
ARP does. But when you broadcast (e.g. ping the broadcast IP) it tells every L3 service to respond, which requires their corresponding ARP entry to be updated.
-
@scottalanmiller said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@scottalanmiller said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
And the broadcast address is more special than one would imagine because it's not normally used.
I use it manually to light up ARP tables.
Exactly how do you mean?
I thought ARP requests used layer 2 broadcast with a special mac address to get IP addresses.
ARP does. But when you broadcast (e.g. ping the broadcast IP) it tells every L3 service to respond, which requires their corresponding ARP entry to be updated.
Do you have a LAN with nodes where that actually works? If I ping the broadcast IP (tried several different LANs) I get zero replies.
Mix of windows, linux, bsd, printers, ip cameras, switches, OOB interfaces and god knows what.
-
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
Do you have a LAN with nodes where that actually works? If I ping the broadcast IP (tried several different LANs) I get zero replies.
Don't need the replies, the ARP table updates
-
@scottalanmiller said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
Do you have a LAN with nodes where that actually works? If I ping the broadcast IP (tried several different LANs) I get zero replies.
Don't need the replies, the ARP table updates
I did a test and it suggest that you might be mistaken when there are no replies.
I deleted some entries in the ARP table with known network hosts IP addresses that are up. Pinged the broadcast address but it didn't result in those IP coming back up. Pinged them directly and they show up in the ARP table.
Also verified with packet capture in promiscuous mode, pinging broadcast address from different hosts using different OS. The result was there are no ARP packets, just failed pings.
-
@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:
OK, I did some more research and made some test. I believe most people got this one wrong and for reasons that are historical.
Assume we have the network 192.168.1.0/24.
Subnet mask 255.255.255.0. The address range is 192.168.1.0 to 192.168.1.255.192.168.1.0 is a valid host IP - contrary to what most people believe.
192.168.1.255 is reserved for directed broadcast.Why?
An IP like 192.168.1.0 used to be excluded from use by a host in the past. This was obsoleted in conjunction with the introduction of classless subnets, CIDR. Mentioned in 1995, RFC 1878, which also obsoleted something related, which was the exclusion of certain subnets called subnet zero and the all-ones subnet.
In the past IPs like 192.168.1.0 has also been used as a broadcast address but that practice is also obsolete. RFC 1812 (also 1995) states that 192.168.1.255 should be used for directed broadcast in the 192.168.1.0/24 network and that 192.168.1.0 is forbidden to use for that purpose.
Problem when something becomes obsolete is that you still have old equipment, old protocols and old habits in use. So it takes many years before you can actually stop doing certain things that were needed in the past.
To test the state of things today I spun up some VMs. I used 172.16.0.0/24 as my network.
No problem setting 172.16.0.0 as IP address on CentOS or Debian for example. Everything works as you would expect.
You could however see some remnants of the past, like this:
As mentioned above, it was a long time since that was considered a broadcast address.Windows 7 was however another story. You can't enter 172.16.0.0 as a valid IP address in network settings. But you can do it on the command line with netsh. And then it shows up as expected. Network works as expected too.
So all in all, it is technically OK to use the first IP as an host IP. It's not reserved anymore and hasn't been for more than two decades. Protocols that used that IP for broadcast or reserved for the network address are not in use anymore.
The biggest risk is probably to run into applications where they on purpose don't allow you to enter a specific "invalid" IP address.
That said, it would probably be very confusing for most people.
I would assume in a /24 network to not use x.x.x.0 when there are other networks, but in a bigger network, perfectly fine since it's inside the network range.
