what's 224.0.0.0 -- and other newbie net-questions

Thu, 22 Jun 2000 01:07:02 -0500 

Here are some newbie-like networking questions that i hope some
of you experts can elucidate for me:

On my `ipfwadm -leO` output i notice among other rules...

IP firewall output rules, default policy: deny
 pkts bytes type  prot opt  tosa tosx source     destination  ports
    0     0 acc   udp  ---- 0xFF 0x00 0.0.0.0/0  224.0.0.0/4  * -> *
    0     0 acc   icmp ---- 0xFF 0x00 0.0.0.0/0  224.0.0.0/4  *
[columns omitted for space]

this is something that appeared after an 'apt-get upgrade'
(currently in frozen with a slink kernel).
Q: what's the 224.0.0.0 ip/netmask for?
Q: what's the scheme behind ports '* -> *'?

With a netmask of /4 digits, the 224 (decimal) translates to
'E0' (hex); so valid values for the first 'dot' are anything
from 224 (E0) to 239 (EF). I'm familiar with some reserved
blocks of IP numbers, such as 168.192.*.* and 127.0.0.1 --
so, what's (E*).*.*.* for?

---

in my logs (brought to my attention via logcheck) i get
these a lot:

Jun 20 00:18:00 server kernel: IP fw-in deny eth0 ICMP/10 172.146.51.93 
224.0.0.2 L=28 S=0x00 I=50959 F=0x0000 T=128
Jun 20 00:18:03 server kernel: IP fw-in deny eth0 ICMP/10 172.146.51.93 
224.0.0.2 L=28 S=0x00 I=51215 F=0x0000 T=128
Jun 20 00:17:57 server kernel: IP fw-in deny eth0 ICMP/10 172.146.51.93 
224.0.0.2 L=28 S=0x00 I=50191 F=0x0000 T=128

there's that 224.0.0.* address, which may be unrelated.

the other address is always a 172.*.*.* number; the addresses
change, but for each 172.*.*.* address there's always four
to twleve hits or so.

Q: is this something to worry about--or what's going on?

---

and from `ifconfig` i see...

eth0      Link encap:Ethernet  HWaddr 00:60:8C:82:C4:59  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1394446 errors:5 dropped:0 overruns:5 frame:5
          TX packets:1352798 errors:0 dropped:0 overruns:0 carrier:2
          collisions:385 
          Interrupt:10 Base address:0x300 

eth1      Link encap:Ethernet  HWaddr 00:60:97:1E:67:FD  
          inet addr:208.33.90.85  Bcast:208.33.90.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:717781 errors:10 dropped:0 overruns:11 frame:10
          TX packets:709231 errors:0 dropped:0 overruns:0 carrier:4
          collisions:1325 
          Interrupt:11 Base address:0x340 

Q: how bad is it to see errors > 0?
Q: are collisions something to look into?
Q: overruns/frame/carrier != 0 -- do they need fixing?

Reply via email to