26

I know that if I have a network 83.23.159.0/24 then I have 254 usable host IP addresses because:

83.23.159.0      (in binary: host portion all zeros) is the subnet address
83.23.159.1-254  are host addresses
83.23.159.255    (in binary: host portion all ones) is the broadcast address

I understand the use for a broadcast address, but I don't understand what the subnet address is ever used for. I can't see any reason that an IP packet's destination address would be set to the subnet address, so why does the subnet itself need an address if it is never going to be the endpoint for AN IP flow? To me it seems like a waste to not allow this address to be used as a host address.

To summarise, my questions are:

  1. Is an IP packet's destination ever set to the subnet IP address?
  2. If yes, in what cases and why?
  3. If no, then why not free up that address for any host to use?
Grezzo
  • 370
  • 1
  • 3
  • 9
  • 2
    `ifconfig` doesn't complain when you set a 24-net's host address to 0 or 255. Just try using it. – ott-- Nov 22 '12 at 18:22
  • 2
    I did. It seems to work for a .0. But it might break older software. .255 will also work if you use not use any protocols which require broadcast. I guess you can set it up if you manually configure the ARP tables with permanent addresses on all computers, but **yuk!** – Hennes Nov 22 '12 at 18:59
  • possible duplicate of [How does IPv4 Subnetting Work?](http://serverfault.com/questions/49765/how-does-ipv4-subnetting-work) – John Gardeniers Nov 25 '12 at 02:26
  • 1
    I disagree with that John. I rechecked it and it does not address the specific question asked. Which is rather an edge case. – Hennes Nov 25 '12 at 14:52
  • The first and last IP address in a subnet are reserved. The first is used as the network id the last is used for broadcast. depending on the mask, sometimes the first is 0 and the last is 255. – Ben Plont Dec 10 '14 at 19:04
  • 1
    This question is now also asked on or new network engineering site. Those answers (at [http://networkengineering.stackexchange.com/questions/11200/what-is-the-purpose-of-network-address-aka-subnet-address](http://networkengineering.stackexchange.com/questions/11200/what-is-the-purpose-of-network-address-aka-subnet-address)) have information which is not yet in [SF]'s posts. – Hennes Dec 30 '14 at 11:29

8 Answers8

15

An address with an all-zero host portion refers to the network itself, rather than to any particular host.

Historically, this zero host address has served as an alternative broadcast address, and devices still respond that way.

So, I have to disagree with some other answers: no, zero is not a perfectly usable host address. If you need more than 254 addresses, you have to create a larger subnet.

Look, my Linksys router, whose address is .1 responds to pings of .0. (The netmask is 255.255.255.0, so the last octet corresponds to the host number.)

webserver:~# ping  192.168.1.0
Do you want to ping broadcast? Then -b
webserver:~# ping -b 192.168.1.0
WARNING: pinging broadcast address
PING 192.168.1.0 (192.168.1.0) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=1.46 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.812 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.819 ms

If I assigned the .0 address to some host, I wouldn't be able to ping it without the router chiming in with its responses also. And as you can see, some tools like that router's version of ping treat 0 as a broadcast.

You can bend the rules, if you're willing to patch all protocol stacks and other software which is affected by such a bending. Otherwise, stick to the rules.

Case in point.

I worked at a company which designed a network node built in a 14 slot chassis, running numerous independent OS images on several types of cards, all communicating via a backplane. There was a networking setup over the backplane with a convention that 127.X.0.Y is the internal IP address of node Y in slot X, all numbered from 1.

We basically subnetted the loopback address for our own purposes. To make it work, we had to patch the Linux kernel here and there, and IIRC, a little bit of user space.

Since that network was only used within the box, and most programs that require loopback use the 127.0.* network (and in fact the specific address 127.0.0.1) which continued to work normally, everything was cool.

Kaz
  • 487
  • 2
  • 11
14

Is an IP packet's destination ever set to the subnet IP address?

Yes. It is a valid IP so it can be used.

If yes, in what cases and why?

It is simply one of the 255 usable IPs in a /24

If no, then why not free up that address for any host to use?

If you have ancient hardware then you need to check if it uses the first or the last address as network address. (.0 or .255 for networks with mask FF.FF.FF.00)

This makes it a good habit to skip that IP. And habits learned long ago are hard to ignore.

And people who do not know the background do not use it 'because other do not use it either, so it must be wrong to use it' or because they do not realise that '0' can be a first number.

[Edit] Grezzo just tested it on Windows XP where windows network GUI 'helpfully' prevented this setting. Windows 7 has the same behaviour. I then tried it on a non-windows host where it just works. If you use windows then you might have to configure your network manually via IPconfig to set it to all zeros.

192.168.1.0_on_win7 192.168.1.0_on_FreeBSD

[Edit 2]

The longer I work with this the more confused I get.

Rfc4632 - Classless Inter-domain Routing does not seem to forbid it, but neither allows it explicitly.

This ServerFault post mentions: "For historical reasons many OSes treat the first address as a broadcast. For example, pinging x.x.x.0 from OS X, Linux, and Solaris on my local (/24) network gets responses. Windows doesn't let you ping the first address by default but you might be able to enable it using the SetIPUseZeroBroadcast WMI method. I wonder if you could get away with using .0 as a host address on an all-Windows network.".

It is the same question, but not an answer.

The network address is also used in routing tables. But I fail to see why it would not work due to that. The same notation in the routing tables would route to the right network. Once on the right network it would arrive at a PC with IP 0.

(All of this for a 192.168.1/24.
If you used 192.168.0/23 then 192.168.1.0 would be a valid and safe value in the middle of the range)

[Edit 3]

One more link to the same question. It seems somewhat popular on stack exchange:

https://superuser.com/questions/379451/why-can-a-network-address-not-be-a-valid-host-address

And one thought:

Destination_IP is probably ANDed with the network mast (a fast operation in hardware) before being compared to the entries in the routing tables. But:

(A semi-random IP) 192.168.0.42 AND 255.255.255.0 would yield 192.168.0.0
But 192.168.0.0 AND 255.255.255.0 would also yield 192.168.0.0

[Edit 4 - Long after this answer was written - I might need to rewrite the entire post due to this new information ]

RFC923 states on page 3 that:

  In certain contexts, it is useful to have fixed addresses with
  functional significance rather than as identifiers of specific
  hosts.  When such usage is called for, the address zero is to be
  interpreted as meaning "this", as in "this network".  The address
  of all ones are to be interpreted as meaning "all", as in "all
  hosts".  For example, the address 128.9.255.255 could be
  interpreted as meaning all hosts on the network 128.9.  Or, the
  address 0.0.0.37 could be interpreted as meaning host 37 on this
  network.

Quoting @ylearn on our networkengineering site

I believe the first documentation of that comes from RFC950 which references RFC943 (which obsoleted RFC923 above but uses the same language for special addresses):

     It is useful to preserve and extend the interpretation of these
     special addresses in subnetted networks.  This means the values
     of all zeros and all ones in the subnet field should not be
     assigned to actual (physical) subnets.
Community
  • 1
Hennes
  • 4,772
  • 1
  • 18
  • 29
  • So to clarify, are you saying that x.x.x.0/24 **is** a valid IP address for a host? If that is so, then why (when I try to set my IP address to 192.168.1.0 with a netmask of 255.255.255.0) does windows XP say "_The combination of IP address and subnet mask is invalid. All of the bits in the host address portion of the IP address are set to 0. Please enter a valid combination of IP address and subnet mask._" – Grezzo Nov 22 '12 at 17:24
  • 4
    Windows is wrong. (Or said with less force: windows is overly careful to work with any combination of systems). I just tried this on my windows 7 system and I got the same error as you did. I installed a clean FreeBSD system and tested it where it just works. (I'll add that to the post) – Hennes Nov 22 '12 at 17:45
  • Thanks, you've been really helpful. Just wanted to add that the GUI in OS X won't let you do it either, but I bet ifconfig would. I can't understand why m0ntassar's answer has got more up votes - it doesn't even try to answer my question. One more thing; when you say "_If you have ancient hardware then you need to check if it uses the first or the last address as network address._" do you mean _broadcast address_. – Grezzo Nov 22 '12 at 19:01
  • Yes, I meant broadcast address. Damn, where is that "edit comment older than 5 minutes" button. – Hennes Nov 22 '12 at 19:03
  • Sweet, I just tried pinging .0 and .255, both times my PS3 replied (everything else is wireless so I guess that's why it got in there first) from .65 so that confirms that in my network both are used for broadcast which is why (normally) we shouldn't use either for a real host address. – Grezzo Nov 22 '12 at 19:08
  • Windows is actually correct. The spec is that the network address is not supposed to be assigned to a device. If you try to ping the network address it should be ignored but that varies by vendor. I've never thought to try it but I've been told that with Cisco routers pinging the network address gets the same behavior as pinging the broadcast address - all devices on that network segment respond. – TheSteven Nov 25 '12 at 10:18
  • "Is not supposed to be" as in RFC "must not" or "should not"? Or stated differently: I think it is allowed. I can not find any modern RFC which explicitly forbids it. That is all nice and formal. Praxis is that it was used in the past, many TCP/IP stacks are old and even on a relative modern machine such as an Xbox 360 you get response to .0 as if you used broadcast. Thus actually using it in a network where you do not have FULL control is a bad idea. YPi are asking for problems. But I still think it is legal. Just not wise. – Hennes Nov 25 '12 at 14:32
  • I don't understand the point of the last paragraph. Yes, a destination IP is ANDed, and so what? 192.168.0.0 gets ANDed and correctly matches the subnet route 192.168.0.0/255.255.255.0. Then if we form the inverse of the mask 0.0.0.255, and AND with the address, then we correctly extract the host address of 0. Zero does not break under masking. – Kaz Jun 12 '14 at 17:51
7

actually it depends on the netmask, for example, for the network 83.23.159.0/23, 83.23.159.0 is a perfectly usable ip address

m0ntassar
  • 1,233
  • 7
  • 12
  • 3
    +1 - 83.23.158.255 would also be a valid host address. People get hung up on the no 0's and no 255's rule without considering the subnet mask. – joeqwerty Nov 22 '12 at 14:54
  • 1
    I am aware that a x.x.x.0 address is valid with a netmask of less that /24, but notice that in my question I specified a /24 netmask, so you haven't answered my question. I wasn't talking about all 0s or 255s in the last quartet/byte, I said all 0s or 255s in the in the "host portion" of the IP address. This takes into account the netmask. – Grezzo Nov 22 '12 at 17:20
  • I've worked with soooo many people that freak out when they see .255 or even .1 addresses being used in /22 address spaces, and they rarely ever 'get it' even after I explian it to them. T.T – Sammitch Nov 22 '12 at 22:07
  • 2
    @Grezzo short answer: non-CIDR and legacy stuff breaks with .0, MS just disallows it completely. But IPv6 is imminent so why bother worrying? ;) – Sammitch Nov 22 '12 at 22:08
  • 2
    This is not really an answer since the question isn't really about dot notation numerology but about the status/meaning of a 0 host address in any width subnet. – Kaz Nov 22 '12 at 23:53
  • 3
    I don't see why this answer has so many up votes. 83.23.159.0/23 isn't "technically" a valid network. 83.23.159.0 with a 23 mask is actually an ip right in the middle of the 83.23.158.0/23 network. The question wasn't "why can't I have .0 at the end of the ip", it was "why can't I use the address with host part all zeros". In your example, the "all host zeros" address would be 83.23.158.0. As mentioned in other answers, this is historically an unusable address (the "network address") and while it may work on some OS's, it is not advisable to try and use it. – USD Matt Nov 24 '12 at 19:29
4

Sounds like there is a little confusion here with basic networking.

The 'ancient hardware' referred to in one of the responses would not use IP Subnet Zero - using ip address x.x.x.0 with a network set up for a /24 CIDR or 255.255.255.0 subnet mask is a different issue completely.

IP Subnet Zero

  • Older hardware would not use IP Subnet Zero - meaning they would not use the first subnet on a multi-subnet network system. So on a /23 or 255.255.254.0 network the subnet X.X.X.0 and all it's addresses would not be used. Modern routers do not have this restriction but can be configured to use this old model I.E. not use subnet zero, if desired.

Usable host IP addresses on a subnet

  • Basic networking:
    • With /24 i.e. subnet mask of 255.255.255.0
    • x.x.x.0 is reserved as the network address. Routers and routing protocols (EIGRP, RIP2, etc.) use the network address to define network segments for moving packets within and across network network boundaries.
    • x.x.x.255 is reserved for the broadcast address
    • It is common practice to use the addresses .1 or .254 on routers so that leaves 253 usable IP numbers.

Both the network address and the broadcast address are reserved and cannot (by current and previous network standards) be assigned to a device. Using x.x.x.0 for a host address on a /24 system is wrong. Even if Linux lets you use it does not mean that it is right, it just means that Linux thinks that you know what you are doing.

If your system is letting you assign x.x.x.0 as an IP4 address to a host and it appears to be working - chances are that particular host is receiving ALL traffic targeted to ANY device on that network so its networking is probably not working optimally.

TheSteven
  • 141
  • 2
  • 1
    You have said "_x.x.x.0 is reserved as the network address (think of it as global address or pointer to the whole subnet)_" but not explained what it is actually used for, and therefore not explained why it can't be used for a host – Grezzo Nov 24 '12 at 08:19
  • 2
    Updated my post. Bottom line is that assigning the network address to a device is against the specs and while you might get away with using it in a small stub network you still run the risk that if you're router gets a software update (or if you change routers) that the device or your whole network may stop functioning properly. – TheSteven Nov 25 '12 at 10:29
4

RFC 1122 ("Requirements for Internet Hosts -- Communication Layers") prohibits it:

IP addresses are not permitted to have the value 0 or -1 for any of the < Host-number>, < Network-number>, or < Subnet- number> fields

Community
  • 1
Bryan
  • 334
  • 2
  • 8
0

First, it is worth noting that all-zero addresses in IPv6 are defined by RFC4291 as "Required Anycast Address" which are addresses that at least one router on a segment, but not necessarily all of them, will answer to. (Anycast addresses in both IPv6 and IPv4 can have non-zero host portions.) So the answer is definitively "no" for IPv6 unless you are using it to provide anycast services.

As mentioned in other answers it is not safe to use these IPv4 addresses as host addresses on a broadcast medium: for historical reasons many hosts will respond to packets with these addresses as though they were broadcast packets. However, it is also not safe to ban use of these addresses upstream even if you have a clear indication (from a routing entry) that the address is at the bottom of a subnet... the address may be used on a non-broadcast subnet like a NAT pool, or a /31 used as a router wire address. This means anti-"smurf"-like DoS protections belong if at all possible on the directly connected router, which should know if the media is or is not a broadcast domain. And these protections are present in the usual case, so that's a second reason why using these addresses as unicast addresses on broadcast media will not work: no traffic from off-segment may be allowed to reach them by the router.

If one were to extrapolate from RFC923, a zero host would be "This host on a particular network". It's not safe to make that extrapolation because the RFC only addresses the network address, not the host address. However it is conceivable that some IP address negotiation protocol may have been been deployed where a host knows the subnet it wants to belong to, but does not know its host address and is asking for autoconfiguration on that particular network by specifying a zero host address. That is another possible interpretation to look out for.

skids
  • 21
  • 1
0

Actually the answer is the basic of subnetting. The "all zeros" IP of your subnet combined with the network id is used to calculate where the packet has to be sent to.

In your example you have a subnet of 255.255.255.0. Any device that knows the TCP/IP protocol will use the netmask combined with the IP address to calculate if the packet is destined for the local network (by performing a logical AND operation) or that it has to be sent trough the gateway / router.

So I guess the reason that IP can not be used is because it is already used to "define" the network boundaries together with the netmask by design.

Goez
  • 1,788
  • 1
  • 10
  • 15
  • 2
    You say that "_Any device that knows the TCP/IP protocol will use the netmask combined with the IP address to calculate if the packet is destined for the local network (by performing a logical AND operation)_", but ANDing 83.23.159.0 with 255.255.255.0 and ANDing 83.23.159.1 with 255.255.255.0 produces the same result (83.23.159.0) so using this calculation to figure out if it is destined for the network or router still works even when a host has the .0 address – Grezzo Nov 23 '12 at 10:32
0

It was requested that I repost my answer from NetworkEngineering, so I will do so with some modification for this site.

In RFC919, it makes reference of the general acceptance of the network address:

However, as a notational convention, we refer to
networks (as opposed to hosts) by using addresses with zero fields.
For example, 36.0.0.0 means "network number 36"

This provides a convention that should clarify our understanding if someone were to mention "10.1.2.0" as the network and not a host on the network.

From there, the use of "0" in a IP addresss was defined in RFC923 and carried over in successive RFCs:

Special Addresses:

  In certain contexts, it is useful to have fixed addresses with
  functional significance rather than as identifiers of specific
  hosts.  When such usage is called for, the address zero is to be
  interpreted as meaning "this", as in "this network".  The address
  of all ones are to be interpreted as meaning "all", as in "all
  hosts".  For example, the address 128.9.255.255 could be
  interpreted as meaning all hosts on the network 128.9.  Or, the
  address 0.0.0.37 could be interpreted as meaning host 37 on this
  network.

This example provides for a specific host on the current network (0.0.0.37) by using 0's in the network portions of the address, but it doesn't actually clarify the opposite case (0's in the host portion of the address). However as it did define "0" as "this."

In RFC1060 the address "0.0.0.0" was clearly documented as "this host on this network":

     (a)   {0, 0}

        This host on this network.  Can only be used as a source
        address (see note later).

Since all zeroes for the host part of the address meant "this host," it logically follows that it is unusable as a host address.

Getting back to directly answering your questions:

  1. Is an IP packet's destination ever set to the subnet IP address?
  2. If yes, in what cases and why?
  3. If no, then why not free up that address for any host to use?

According to what I find in the RFCs, this should not be used. I will admit it isn't as clearly specified as I would like, but that is all to common in many standards. When the standards are a bit less firm on a point, the industry then seems to "settle" into a generally accepted interpretation.

Further, based on the content of the RFCs software may be written to assume that this address is used to address the network and not a particular host. Or even more literally as some sort of "loopback" (i.e. this host on the specified network).

So why do some OSes clearly allow it's use? I would imagine like many things that it comes down to developer time/resources or no one really thought to add the validity check. The logic has to be a bit more involved than "if it ends in 0" as a larger subnet (a /23 or larger) will contain valid IP address of .255 and .0 (i.e. 10.1.2.0/23 contains both valid IP address of 10.1.2.255 and 10.1.3.0). Although some organizations do also avoid the use of those valid address in larger subnets to avoid any odd issues with software that doesn't support modern subnetting correctly.

As to why not free up that one IP address, it simply comes down to cost/benefit. It would take a lot of time and effort to make this change to get back one IP address per subnet and in how many cases where you need additional IP addresses, will only one address be enough? It is much easier to add a second subnet or enlarge the current subnet, potentially giving you many addresses to use instead of just one while making no major changes to any software/hardware in place.

Community
  • 1
YLearn
  • 1,237
  • 7
  • 17