EFW Support

Support => General Support => Topic started by: Goetz on Friday 02 March 2012, 01:03:22 am



Title: The IP address is the same as its network address, which is not allowed!
Post by: Goetz on Friday 02 March 2012, 01:03:22 am
Hey,
sorry for a n00bish question.

I'm trying to add extra IPs I've got from my Interenet Provider.

For now I've got configured Ethernet Static uplink with following options:

IP address: 87.204.168.224
Netmask: 255.255.255.224
Default gateway: 87.204.168.225
Primary DNS: 87.204.204.204
Secondary DNS: 62.233.233.233

On Endian Firewall panel I go to Network -> Interfaces -> Edit uplink of my main uplink

after that I press: "Add additional addresses (one IP/Netmask or IP/CIDR per line)"
and add following: "87.204.168.227/255.255.255.224"

When I update all changges I get "The IP address '87.204.168.224/27' is the same as its network address, which is not allowed!"

Any ideas how to fix it ?

Thanks in advance for any help


Title: Re: The IP address is the same as its network address, which is not allowed!
Post by: mrkroket on Friday 02 March 2012, 11:50:04 am
Because it's true. Any subnet has 2 special IP's, the first and the last.
The first one is called the network address, it's usually the .0 on netmask 255.255.255.0, but not in other netmasks.

In your case, the 87.204.168.224/27 is indeed your network address, and shouldn't be used.
Your IP ranges are 7.204.168.224 - 7.204.168.255, and neither the first (7.204.168.224) nor the last (broadcast IP:  7.204.168.255) can be used by single machines.

What I don't know is why endian lets you in the first case...
Always use an CIDR calculator for any IP/CIDR stuff: http://www.subnet-calculator.com/cidr.php (http://www.subnet-calculator.com/cidr.php)


More info about subnet Id and broadcast IP on http://en.wikipedia.org/wiki/IPv4_subnetting_reference (http://en.wikipedia.org/wiki/IPv4_subnetting_reference)


Title: Re: The IP address is the same as its network address, which is not allowed!
Post by: Goetz on Friday 02 March 2012, 09:32:35 pm
Thanks a lot that worked and explained a lot of thing to me.
I've got twoj more question.

1. In simple way my network looks like this:

ISP Router -> switch -> endian

Red Interface IP: 87.204.168.226
Green Interface IP: 196.192.168.0.1

Two other machines with external IP 87.204.168.23x.
I can't ping any of these IPs (87.204.168.226 nor 87.204.168.23x) only ping that works is router IP (Default gateway 87.204.168.225). Is it because of wrong endian configuration or problem is my ISP's router ?

2. I wanna forward all FTP connections comming from 87.204.168.226 to Green zone computer (192.168.0.16).
I set up my "Port forwarding / Destination NAT" rule like in attachments

When I try to connect via Total Commander via 192.168.0.16 it works but not via external IP 87.204.168.226

I tried tracerouting (using network-tools.com)  my Gateway IP and My Endian IP, while traceroute for Gateway works Endian don't.

Code:
TraceRoute to 87.204.168.225 [gate.stomil-poznan.pl]

Hop (ms) (ms) (ms)      IP Address Host name
 1   57   0   0      8.9.232.73   xe-5-3-0.edge3.dallas1.level3.net 
2   1   1   1      4.69.145.13   ae-1-60.edge4.dallas3.level3.net 
3   3   3   4      77.67.71.221   xe-8-1-2.dal33.ip4.tinet.net 
4   152   152   152      89.149.186.86   xe-2-2-0.waw10.ip4.tinet.net 
5   162   178   163      77.67.74.98   netia-gw.ip4.tinet.net 
6   149   147   147      83.238.251.99   warsh002rt22-warsc001rt06.inetia.pl 
7   149   147   147      83.238.251.101   warsc001rt06-poznh002rt09.inetia.pl 
8   145   145   145      83.238.249.234    - 
9   146   146   146      81.210.5.76   poznr001sw01.inetia.pl 
10   145   145   145      87.204.168.225   gate.stomil-poznan.pl 
Trace complete


Code:
TraceRoute to 87.204.168.226 [stomil-poznan.pl]

Hop (ms) (ms) (ms)      IP Address Host name
 1   0   0   0      8.9.232.73   xe-5-3-0.edge3.dallas1.level3.net 
2   1   1   1      4.69.145.77   ae-2-70.edge4.dallas3.level3.net 
3   3   3   3      77.67.71.221   xe-8-1-2.dal33.ip4.tinet.net 
4   162   157   157      89.149.180.177   xe-8-1-0.waw10.ip4.tinet.net 
5   158   152   159      77.67.74.98   netia-gw.ip4.tinet.net 
6   153   143   155      83.238.251.167   warsh002rt22-warsc001rt06.inetia.pl 
7   145   144   146      83.238.251.101   warsc001rt06-poznh002rt09.inetia.pl 
8   143   143   143      83.238.250.162   poznh002rt09-poznh002rt12.inetia.pl 
9   144   144   144      81.210.5.76   poznr001sw01.inetia.pl 
10   143   144   144      213.17.207.110    - 
11   Timed out   Timed out   Timed out        - 
12   Timed out   Timed out   Timed out        - 
13   Timed out   Timed out   Timed out        - 
14   Timed out   Timed out   Timed out        - 
Trace aborted.