32 Bit Mask (255.255.255.255) in Windows problems

  • Thread starter Thread starter Casey Ajalat
  • Start date Start date
C

Casey Ajalat

I'm trying to add a 2nd IP address with a mask of 32 bits to an
existing Windows 2000 Server but I'm not having much luck. The
smallest I can add is a /32 (255.255.255.252) bit mask. So what I
want is this:

A traditional IP/Mask as the primary interface IP and a secondary IP
as a /32. When I try to add the /32 Windows complains as follows:

"The combination of IP address and subnet mask is invalid. All of the
bits in the host address portion of the IP address are set to 1.
Please enter a valid combination of IP address and subnet mask."

Now I KNOW that this error message assumes wrongly that there is no
such thing as an all 1's mask. This sort of thing is done all the
time for routers (loopback addresses) and can easily be done on unix
(either as a primary interface such as an eth0 or as a virtual
interface such as eth0:1). So my question is:

How/where can I add a /32 to an interface.

Thanks in advance.
 
Casey said:
I'm trying to add a 2nd IP address with a mask of 32 bits to an
existing Windows 2000 Server but I'm not having much luck. The
smallest I can add is a /32 (255.255.255.252) bit mask. So what I
want is this:

A traditional IP/Mask as the primary interface IP and a secondary IP
as a /32. When I try to add the /32 Windows complains as follows:

"The combination of IP address and subnet mask is invalid. All of the
bits in the host address portion of the IP address are set to 1.
Please enter a valid combination of IP address and subnet mask."

Now I KNOW that this error message assumes wrongly that there is no
such thing as an all 1's mask. This sort of thing is done all the
time for routers (loopback addresses) and can easily be done on unix
(either as a primary interface such as an eth0 or as a virtual
interface such as eth0:1). So my question is:

How/where can I add a /32 to an interface.
Click to expand...

In my experience, adding multiple IP addresses on multiple subnets in XP
doesn't work well. I think the multiple addresses work best when all the
addresses are on the same subnet.

A subnet mask of /32 doesn't make sense, since the interface cannot
communicate with any other IP address. A 32 bit routing mask is called a
host route and is something different than a subnet mask.
 
In my experience, adding multiple IP addresses on multiple subnets in XP
doesn't work well. I think the multiple addresses work best when all the
addresses are on the same subnet.
Click to expand...

My experience shows otherwise. Been doing this a long time with
multiple subnets on the same interface with no problems. I'm not
saying that it is a good practice but it does work as expected. But
in this case that's not what I'm trying to do by using a /32.
A subnet mask of /32 doesn't make sense, since the interface cannot
communicate with any other IP address. A 32 bit routing mask is called a
host route and is something different than a subnet mask.
Click to expand...

A /32 ought to work just fine so long as it is interpreted properly.
Yes it is a host route and thus not part of any "subnet". The only
way to communicate with such a beast is for a router to point to that
route as a next hop route. i.e. the router would point to that /32
via a next hop of the standard IP address of that host. This is
nothing new and works perfectly for routers and unix. I'm just
baffled that something so simple can't be implemented in Windows.
Casey
cAaBjCaDlEaFt at com.newsfeeds.mail
to send mail remove caps and reverse RHS
 
Casey said:
A /32 ought to work just fine so long as it is interpreted properly.
Yes it is a host route and thus not part of any "subnet". The only
way to communicate with such a beast is for a router to point to that
route as a next hop route. i.e. the router would point to that /32
via a next hop of the standard IP address of that host. This is
nothing new and works perfectly for routers and unix. I'm just
baffled that something so simple can't be implemented in Windows.
Click to expand...

You don't seem to understand the difference between a subnet mask and a
route mask, or you don't know where to apply them in Windows.

You can use 32 bit route masks with Windows, when Windows has routing
enabled. You use them in the routing table. But you do not use a 32 bit
mask in any interface specification, which is the only place you use a
subnet mask. Do not try to use host routes in the interface
specification. Use host routes in the routing table. Read up on the
route command.

You are wrong that the router must point to the host in the host route.
What the host route says is "this is the next hop router for this
particular host". The next hop can be different than the destination
even for a host route. If the next hop is the destination, then it is
best to use the ARP table instead of the routing table.
 
You don't seem to understand the difference between a subnet mask and a
route mask, or you don't know where to apply them in Windows.

You can use 32 bit route masks with Windows, when Windows has routing
enabled. You use them in the routing table. But you do not use a 32 bit
mask in any interface specification, which is the only place you use a
subnet mask. Do not try to use host routes in the interface
specification. Use host routes in the routing table. Read up on the
route command.

You are wrong that the router must point to the host in the host route.
What the host route says is "this is the next hop router for this
particular host". The next hop can be different than the destination
even for a host route. If the next hop is the destination, then it is
best to use the ARP table instead of the routing table.
Click to expand...

Kent,

I know exactly what I want to do and yes I do want to add a /32 as an
interface in Windows and NOT as a route. This is normal under Unix
but seems impossible so far under windows or maybe I haven't found a
way to do it yet.

Let me illustrate with an example of how I would do this under Unix:

Client (PC) <----> Router <-----> Server (Unix)

Server
- One Interface (Eth0)
- Eth0 has 10.1.1.10/24
- Eth0:1 has 192.168.1.1/32

Router
- Has static route to 192.168.1.1 via nexthop of 10.1.1.10
- Redistributes the static route into the routing table (OSPF say)
- Cisco speak would be:
-- ip route 192.168.1.1 255.255.255.255 10.1.1.10

PC
- Wants to communicate with 192.168.1.1

This works under Unix just fine and I have been doing this for years
now. Under windows however, the best I was able to do is a /30. So
for the example above the secondary interface would have
192.168.1.1/30. This works but it is damn annoying that I have to use
a /30 instead of a /32.

The ip 192.168.1.1 in the example above is commonly called a "service
address" which can exist on multiple machines. So for example the
diagram might look like this:

<---- > Server A
Client PC <-----> Router <---- > Server B
<---- > Server C

Servers A, B, C are all on different subnets but each would have the
service address 192.168.1.1 defined on them as /32's. The router
would then have a static route defined for the 192.168.1.1 and a
nexthop of either Server A, B, or C's unique IP address (the /24 if
you will) depending on where you want traffic to go to. This is a
technique used where use of DNS is not feasible (i.e. older devices
that only speak IP and not understand DNS).

Again, under windows this simple task doesn't seem to be so simple.

Casey


Casey
cAaBjCaDlEaFt at com.newsfeeds.mail
to send mail remove caps and reverse RHS
 
I just figured out how to change the mask shortly after I sent my
email. It has to be done via the registry in the following location:

HKEY_LOCAL_MACHINE, SYSTEM, CurrentControlSet, Services, Tcpip,
Parameters, Interfaces

You'll need to find the entry corresponding to your NIC and edit the
mask there. I've tested it and it works so far. I just hope that's
all there was to it. What a pain.

Casey
 
Kent W. England said:
You don't seem to understand the difference between a subnet mask and
a route mask, or you don't know where to apply them in Windows.
Click to expand...
I think it it's just that his explanation is not great. For instance, an
address is clearly not a "host route" (address!=route) and a address with a
/32 mask _is_ part of a subnet, a subnet of one, but still a subnet.

So here's my thoughts on /32 addresses. Firstly, like Casey notes, /32
addressing is certainly allowed on other platforms, I've used it on Cisco
routers. Also note that a /32 mask is not particularly useful on a 'real'
interface, it is usually used on a software-loopback interface: using the
Loopback interface in Windows. It is though sometimes used on
point-to-point interfaces, if I remember correct Windows uses a /32 on a RAS
PPP link?

Just for context, remember that for a IP Address on a local interface, the
subnet mask shows which address are 'local' and thus should be communicated
with directly on the link (i.e. ARPed for on Ethernet, or sent to the
manually configured peer address in X.25, or whatever the interface type's
method is), and correspondingly which addresses are /not/ on-link and thus
the other routes in the routing table should be consulted.

So, a /32 mask means that there are no other machines on that subnet and
thus the other routes in the routing table should just be used.

Thus for outgoing traffic it is fine, but for incoming/return traffic more
(may) needs to be done. Somehow the routers on your network need to know
that the /32 is on your machine. For the Cisco router case this is easy, it
is itself a router so naturally tells everyone that the /32 is on it. For
the end-host case you will generally add a static route to the local
router(s) pointing to the host, e.g. if your PC has ethernet address
10.0.1.2 and internal /32 10.9.1.2 then on a Cisco box do, "ip route
10.9.1.2 255.255.255.255 10.0.1.2".
 
Alan said:
I think it it's just that his explanation is not great. For instance, an
address is clearly not a "host route" (address!=route) and a address with a
/32 mask _is_ part of a subnet, a subnet of one, but still a subnet.
Click to expand...

Given the bizarre circumstances of the example, it's an interesting hack
on the use of IP addressing and routing. It's also interesting that it
works at all for a useful purpose. I never cease to be amazed that
something so elegantly simple as IP addressing and routing can be
tortured into such complex ad hoc contortions.

Of course, if the traffic isn't symmetric, it really isn't IP, it's
something else (but I don't know what!).

I still maintain that there is no such thing as a /32 subnet. If you can
find a way to create symmetric communication when two hosts are using
/32 subnets, please let me know. :-) Making private IP addresses work
like pseudo-multicast (one-way) addresses doesn't count.
 
Back
Top