Bagheera

Theoretical question regarding Supernetting / CIDR


I don't know a better forum in which to ask this, even though this is a programming forum after all and this is a non-programming question. Anyway, here goes:

Let's say my computer's IP address is 192.100.0.1 / 22. That means I created a supernet, and my host range is 192.100.0.1 - 192.100.3.254. All those computers are in the same NetID and do not need a router to communicate. And so the following situation should work:

192.100.0.1 / 22 CONNECTED TO <Switch> CONNECTED TO 192.100.3.50 / 22

Those two computers will be able to ping each other, communicate, etc.

The question is as follows: If I (the 192.100.0.1 computer) receive a message from the other computer, how do I know that he's in the same NetID as I am, and such to receive the message? An IP Datagram does not contain Subnet Mask/Supernet Mask information, only destination IP. The other layers do not as well. Ports, MAC Addresses, etc, but not Subnet masks.

I busted my ass on this and I just don't have a clue - Any ideas?

You cannot. At least not generally.

This is the same situation you run into with NAT routers - there's one IP, but there's no way to figure out what's behind without support from the router.

This is why the 192 and other domains were defined for local networks - to avoid overwriting external namespaces.

Internet router is a simple stateless switch. When a packet arrives, it'll look at destination, and, based on its routing table, send it to one of its outgoing connections. Router doesn't understand the context of the packet, or even the contents, it doesn't even care about origin. You can spoof the sender IP as much as you want - internet won't even blink.

The information you want doesn't exist, and some routers deliberately overwrite sender or destination address to achieve different routing. Masks and routing exist solely within the router itself.

There might be router-specific ways, or special solutions for a particular problem, but in general, there's no way to find out true sender of the packet.

That, or something big escaped me. But given the theory behind DDoS attacks, that's unlikely.

The first question is: why do you care? If someone sent you a message, chances are that they intended for you to get it. If you want to block external messages, the best place to do that is on the gateway/router/firewall that connects the subnet with the external network.

The second answer is: you need to get the subnet mask from the network interface on your machine, and mask against that to check. However, this is platform dependent (there's no standard way of getting the subnet mask), and it's also not 100% sure, for example because of possible NAT renaming.
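The mask check described in the reply above, as an added example that is not part of the original thread: the receiver applies its own interface mask to the datagram's claimed source address. The function names and the sample addresses other than 192.100.0.1/22 and 192.100.3.50 are constructed for illustration.

```python
import ipaddress


def prefix_to_mask(prefix_len: int) -> int:
    """Return the 32-bit netmask for an IPv4 prefix length (22 -> 255.255.252.0)."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def classify_source(local_cidr: str, src: str) -> str:
    """Classify a datagram's claimed source against the receiver's own interface.

    Only the receiver's address and mask are used. The sender's mask is not
    carried in the datagram, so it plays no part in the decision.
    """
    iface = ipaddress.IPv4Interface(local_cidr)
    mask = prefix_to_mask(iface.network.prefixlen)
    local = int(iface.ip)
    source = int(ipaddress.IPv4Address(src))
    net = local & mask                    # network address of the local prefix
    bcast = net | (~mask & 0xFFFFFFFF)    # directed broadcast of the local prefix
    if source & mask != net:
        return "off-link"                 # must have arrived through a router
    if source == local:
        return "self"                     # our own address as source: loopback or spoof
    if source in (net, bcast):
        return "invalid-source"           # network/broadcast is never a valid sender
    # "on-link" is only what the header claims; a spoofed or NAT-rewritten
    # source passes this check just as well as a genuine neighbour.
    return "on-link"


if __name__ == "__main__":
    # Constructed sample sources, checked against the /22 from the question
    for src in ("192.100.3.50", "192.100.4.1", "192.100.3.255", "192.100.0.1"):
        print(src, "->", classify_source("192.100.0.1/22", src))
    # Same sender seen by a host configured with a /24 instead of the /22
    print("192.100.3.50 (/24 view) ->", classify_source("192.100.0.1/24", "192.100.3.50"))
```

The last line shows why the mask has to come from the local interface: the same source address is on-link for a /22 host and off-link for a /24 host.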
