Adder Technology AVX4016IP ユーザーズマニュアル
0
Calculating the mask for IP access control
The.IP.access.control.function.uses.a.standard.IP.address.and.a.net.mask.
notation.to.specify.both.single.locations.and.ranges.of.addresses..In.order.to.
use.this.function.correctly,.you.need.to.calculate.the.mask.so.that.it.accurately.
encompasses.the.required.address(es).
notation.to.specify.both.single.locations.and.ranges.of.addresses..In.order.to.
use.this.function.correctly,.you.need.to.calculate.the.mask.so.that.it.accurately.
encompasses.the.required.address(es).
Single locations
Some.of.the.simplest.addresses.to.allow.or.deny.are.single.locations..In.this.case.
you.enter.the.required.IP.address.into.the.‘Network/Address’.field.and.simply.
enter.the.‘Mask’.as.
Some.of.the.simplest.addresses.to.allow.or.deny.are.single.locations..In.this.case.
you.enter.the.required.IP.address.into.the.‘Network/Address’.field.and.simply.
enter.the.‘Mask’.as.
255.255.255.255.(255 used throughout the mask means
that every bit of the address will be compared and so there can only be one
unique address to match the one stated in the ‘Network/Address’ field).
unique address to match the one stated in the ‘Network/Address’ field).
All locations
The.other.easy.setting.to.make.is.ALL.addresses,.using.the.mask.
The.other.easy.setting.to.make.is.ALL.addresses,.using.the.mask.
0.0.0.0..As.
standard,.the.IP.access.control.section.includes.the.entry:.+
0.0.0.0/0.0.0.0
The.purpose.of.this.entry.is.to.include.all.IP.addresses..It.is.possible.to.similarly.
exclude.all.addresses,.however,.take.great.care.not.to.do.this.as.you.instantly.
render.all.network.access.void..There.is.a.
exclude.all.addresses,.however,.take.great.care.not.to.do.this.as.you.instantly.
render.all.network.access.void..There.is.a.
.should.this.occur..
Address ranges
Although.you.can.define.ranges.of.addresses,.due.to.the.way.that.the.mask.
operates,.there.are.certain.restrictions.on.the.particular.ranges.that.can.be.set..
For.any.given.address.you.can.encompass.neighbouring.addresses.in.blocks.of.
either.2,.4,.8,.16,.32,.64,.128,.etc..and.these.must.fall.on.particular.boundaries..
For.instance,.if.you.wanted.to.define.the.local.address.range:.
192.168.142.67 to 192.168.142.93.
The.closest.single.block.to.cover.the.range.would.be.the.32.addresses.from:.
192.168.142.64 to 192.168.142.95..
The.mask.needed.to.accomplish.this.would.be:.
Although.you.can.define.ranges.of.addresses,.due.to.the.way.that.the.mask.
operates,.there.are.certain.restrictions.on.the.particular.ranges.that.can.be.set..
For.any.given.address.you.can.encompass.neighbouring.addresses.in.blocks.of.
either.2,.4,.8,.16,.32,.64,.128,.etc..and.these.must.fall.on.particular.boundaries..
For.instance,.if.you.wanted.to.define.the.local.address.range:.
192.168.142.67 to 192.168.142.93.
The.closest.single.block.to.cover.the.range.would.be.the.32.addresses.from:.
192.168.142.64 to 192.168.142.95..
The.mask.needed.to.accomplish.this.would.be:.
255.255.255.224..
When.you.look.at.the.mask.in.binary,.the.picture.becomes.a.little.clearer..The.
above.mask.has.the.form:.
above.mask.has.the.form:.
11111111.11111111.11111111.
11100000
.
Ignoring.the.initial.three.octets,.the.final.six.zeroes.of.the.mask.would.ensure.
that.the.32.addresses.from..64.(01000000).to..95.(01011111).would.all.be.
treated.in.the.same.manner..See.
that.the.32.addresses.from..64.(01000000).to..95.(01011111).would.all.be.
treated.in.the.same.manner..See.
.for.
details........
When.defining.a.mask,.the.important.rule.to.remember.is:
When.defining.a.mask,.the.important.rule.to.remember.is:
There must be no ‘ones’ to the right of a ‘zero’..
For.instance,.(ignoring.the.first.three.octets).you.could.not.use.a.mask.that.had.
11100110
because.this.would.affect.intermittent.addresses.within.a.range.in.an.
impractical.manner..The.same.rule.applies.across.the.octets..For.example,.if.you.
have.zeroes.in.the.third.octet,.then.all.of.the.fourth.octet.must.be.zeroes..
have.zeroes.in.the.third.octet,.then.all.of.the.fourth.octet.must.be.zeroes..
The.permissible.mask.values.(for.all.octets).are.as.follows:.
Mask octet
Binary
Number of addresses encompassed
255
11111111
1 address
254
11111110.
2 addresses.
252
11111100.
4 addresses
248
11111000.
8 addresses
240
11110000.
16 addresses
224
11100000.
32 addresses
192
11000000.
64 addresses
128
10000000.
128 addresses
0
00000000.
256 addresses
If.the.access.control.range.that.you.need.to.define.is.not.possible.using.one.
address.and.one.mask,.then.you.could.break.it.down.into.two.or.more.entries..
Each.of.these.entries.could.then.use.smaller.ranges.(of.differing.sizes).that,.
when.combined.with.the.other.entries,.cover.the.range.that.you.require.
For.instance,.to.accurately.encompass.the.range.in.the.earlier.example:
192.168.142.67 to 192.168.142.93.
You.would.need.to.define.the.following.six.address.and.mask.combinations.in.
the.IP.access.control.section:
address.and.one.mask,.then.you.could.break.it.down.into.two.or.more.entries..
Each.of.these.entries.could.then.use.smaller.ranges.(of.differing.sizes).that,.
when.combined.with.the.other.entries,.cover.the.range.that.you.require.
For.instance,.to.accurately.encompass.the.range.in.the.earlier.example:
192.168.142.67 to 192.168.142.93.
You.would.need.to.define.the.following.six.address.and.mask.combinations.in.
the.IP.access.control.section:
Network/address entry Mask entry
192.168.142.67
255.255.255.255
defines 1 address (.67)
192.168.142.68
255.255.255.252
defines 4 addresses (.68 to .71)
192.168.142.72
255.255.255.248
defines 8 addresses (.72 to .79)
192.168.142.80
255.255.255.248
defines 8 addresses (.80 to .87)
192.168.142.88
255.255.255.252
defines 4 addresses (.88 to .92)
192.168.142.93
255.255.255.255
defines 1 address (.93)