COMMAND
subnets
SYSTEMS AFFECTED
Windows 2000
PROBLEM
Douglas Mayle found following. He encountered what he thinks was
a problem with Windows 2000 Professional's handling of subnet
mask. This has been verified on two separate machines, on two
different IP address spaces. When using a static Class B IP
space, if you set the netmask to a 24-bit mask, and place the
default gateway outside the 254 addresses, but within the 65534
address, packets are still routed to the gateway. The situation
is as follows:
Windows 2000 Pro machine:
- Static IP: 172.16.3.37
- Netmask: 255.255.255.0
- Gateway: 172.16.0.1
Physical Network:
- IP Space: 172.16.x.x
- Netmask: 255.255.0.0
Gateway:
- Static IP 172.16.0.1
- Netmask: 255.255.0.0
Should these packets reach the gateway? They do. Is this a
"feature"??? Reading it in a TCP/IP Exam Cram for the MS TCP/IP
under NT 4.0 test (and actually encountered a question under the
test) it is stated that if the netmask didn't include the gateway
inside the subnet, you would not be able to connect to it.
It has been suggested that this is not covered under an RFC, so
Douglas took the liberty of testing a couple of other operating
systems. He tested under RedHat 6.2 on i386, OpenBSD under i386,
and NT 4.0 Workstation under i386, each on physically different
machines. All three refused to talk to the gateway if it was on
a different subnet, even if it was on the same physical network.
It should be noted however, that OpenBSD handled the request
differently than RedHat 6.2 or NT 4.0. Under OpenBSD, if you had
an arp entry for another machine on the physical segment(gateway
or otherwise) in the arp cache, it would talk to it. Meaning
that OpenBSD checks the arp cache first, then the netmask, and
then makes an arp query. Both RedHat 6.2 and NT 4.0 refused to
talk to other machines, including the gateway regardless of the
arp cache. If the machine wasn't on the subnet, it would not
send packets to it.
SOLUTION
Nothing yet.