svn commit: r190758 - head/sbin/route

Alexander Motin mav at FreeBSD.org
Mon Apr 6 03:39:44 PDT 2009


Randall Stewart wrote:
> Author: rrs
> Date: Mon Apr  6 10:09:20 2009
> New Revision: 190758
> URL: http://svn.freebsd.org/changeset/base/190758
> 
> Log:
>   Class based addressing went out in the early 90's. Basically
>   if an entry is not route add -net xxx/bits then we should use
>   the addr (xxx) to establish the number of bits by looking at
>   the first non-zero bit. So if we enter
>   route add -net 10.1.1.0 10.1.3.5
>   this is the same as doing
>   route add -net 10.1.1.0/24
>   Since the 8th bit (zero counting) is set to 1 we set bits
>   to 32-8.
>   
>   Users can of course still use the /x to change this behavior
>   or in cases where the network is in the trailing part
>   of the address, a "netmask" argument can be supplied to
>   override what is established from the interpretation of the
>   address itself. e.g:
>   
>   route add -net 10.1.1.8 -netmask 0xff00ffff
>   
>   should override and place the proper CIDR mask in place.
>   
>   PR:		131365
>   MFC after:	1 week

Are you sure that this is a good idea? Is this behavior
described/recommended somewhere? IMHO specifying network without
explicitly defined netmask is at least dangerous, if not wrong, in
present classless addressing time. Changing existing behavior breaks
POLA for some set of users, while benefits are not so obvious to me.
With previous code networks 10.0.0.0 and 11.0.0.0 were treated as /8,
but with this change it became /7 and /8 respectively.

Author of the PR referred here expects network 192.168 to be treated as
/16, but with your algorithm it will probably become /13.

-- 
Alexander Motin
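
The prefix lengths quoted in this thread can be checked with the sketch below, which is an added example and not part of the thread or the route(8) source. It implements the lowest-set-bit rule as the commit log words it, next to the historical class A/B/C default for comparison; the function names, the `IP4` macro, the handling of 0.0.0.0 and class D/E, and reading "192.168" as 192.168.0.0 are assumptions of the example.

```c
#include <stdint.h>
#include <stdio.h>

#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

/* Prefix length from the lowest set bit, as the commit log describes the rule. */
static int lowbit_bits(uint32_t addr)
{
    int pos = 0;

    if (addr == 0)
        return 0;               /* assumption: 0.0.0.0 maps to /0 */
    while ((addr & 1u) == 0) {
        addr >>= 1;
        pos++;
    }
    return 32 - pos;
}

/* Historical class A/B/C default, for comparison only. */
static int classful_bits(uint32_t addr)
{
    if ((addr >> 31) == 0)
        return 8;               /* class A */
    if ((addr >> 30) == 2)
        return 16;              /* class B */
    if ((addr >> 29) == 6)
        return 24;              /* class C */
    return 32;                  /* assumption: class D/E treated as a host */
}

int main(void)
{
    /* Constructed sample: the networks named in the thread. */
    static const uint32_t nets[] = {
        IP4(10, 1, 1, 0), IP4(10, 0, 0, 0), IP4(11, 0, 0, 0), IP4(192, 168, 0, 0)
    };
    size_t i;

    for (i = 0; i < sizeof(nets) / sizeof(nets[0]); i++) {
        uint32_t a = nets[i];
        int lb = lowbit_bits(a), cb = classful_bits(a);
        printf("%u.%u.%u.%u  lowest-bit /%d  classful /%d%s\n",
            (unsigned)(a >> 24), (unsigned)((a >> 16) & 255),
            (unsigned)((a >> 8) & 255), (unsigned)(a & 255),
            lb, cb, lb < cb ? "  <- wider than classful" : "");
    }
    return 0;
}
```

A route whose inferred prefix is shorter than intended covers more address space than the operator meant, so the rows flagged as wider are the ones to give an explicit /bits or -netmask.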

