Calculating the mask for IP access control

The IP access control function uses a standard IP address and a net mask notation to specify both single locations and ranges of addresses. In order to use this function correctly, you need to calculate the mask so that it accurately encompasses the required address(es).

Single locations

Some of the simplest addresses to allow or deny are single locations. In this case you enter the required IP address into the ‘Network/Address’ field and simply enter the ‘Mask’ as 255.255.255.255 (255 used throughout the mask means that every bit of the address will be compared and so there can only be one unique address to match the one stated in the ‘Network/Address’ field).

All locations

The other easy setting to make is ALL addresses, using the mask 0.0.0.0 As standard, the IP access control section includes the entry: +0.0.0.0/0.0.0.0 The purpose of this entry is to include all IP addresses. It is possible to similarly exclude all addresses, however, take great care not to do this as you instantly render all network access void. There is a recovery procedure should this occur.

Address ranges

Although you can define ranges of addresses, due to the way that the mask operates, there are certain restrictions on the particular ranges that can be set. For any given address you can encompass neighbouring addresses in blocks of either 2, 4, 8, 16, 32, 64, 128, etc. and these must fall on particular boundaries. For instance, if you wanted to define the local address range:

192.168.142.67 to 192.168.142.93

The closest single block to cover the range would be the 32 addresses from:

192.168.142.64 to 192.168.142.95.

The mask needed to accomplish this would be: 255.255.255.224

When you look at the mask in binary, the picture becomes a little clearer. The above mask has the form: 11111111.11111111.11111111.11100000

Ignoring the initial three octets, the final six zeroes of the mask would ensure that the 32 addresses from .64 (01000000) to .95 (01011111) would all be treated in the same manner. See Net masks - the binary explanation for details.

When defining a mask, the important rule to remember is:

There must be no ‘ones’ to the right of a ‘zero’.

For instance, (ignoring the first three octets) you could not use a mask that had 11100110 because this would affect intermittent addresses within a range in an impractical manner. The same rule applies across the octets. For example, if you have zeroes in the third octet, then all of the fourth octet must be zeroes.

The permissible mask values (for all octets) are as follows:

Mask octet

Binary

Number of addresses encompassed

255

11111111

1 address

254

11111110

2 addresses

252

11111100

4 addresses

248

11111000

8 addresses

240

11110000

16 addresses

224

11100000

32 addresses

192

11000000

64 addresses

128

10000000

128 addresses

0

00000000

256 addresses

If the access control range that you need to define is not possible using one address and one mask, then you could break it down into two or more entries. Each of these entries could then use smaller ranges (of differing sizes) that, when combined with the other entries, cover the range that you require.

For instance, to accurately encompass the range in the earlier example:

192.168.142.67 to 192.168.142.93

You would need to define the following six address and mask combinations in the IP access control section:

Network/address entry

Mask entry

 

192.168.142.67

255.255.255.255

defines 1 address (.67)

192.168.142.68

255.255.255.252

defines 4 addresses (.68 to .71)

192.168.142.72

255.255.255.248

defines 8 addresses (.72 to .79)

192.168.142.80

255.255.255.248

defines 8 addresses (.80 to .87)

192.168.142.88

255.255.255.252

defines 4 addresses (.88 to .92)

192.168.142.93

255.255.255.255

defines 1 address (.93)

   



55

Page 56
Image 56
Adder Technology AdderLink IP Calculating the mask for IP access control, Single locations, All locations, Address ranges

AdderLink IP specifications

Adder Technology's AdderLink IP is a cutting-edge solution designed to extend and manage KVM (Keyboard, Video, Mouse) signals over IP networks. This innovative technology facilitates the remote access and control of computers and servers, making it an essential tool for organizations that require efficient management of their IT resources.

One of the main features of AdderLink IP is its ability to transmit high-resolution video signals with minimal latency. Supporting resolutions up to 4K at 60Hz, it ensures that users experience clarity and responsiveness that is comparable to direct connections. This capability is crucial for industries such as broadcasting, media production, and any environment where graphics-intensive applications are commonplace.

The AdderLink IP employs advanced digitization techniques to ensure high-quality video transmission over standard IP networks. Its use of H.264 video compression allows for efficient bandwidth usage while maintaining image integrity. With this feature, users can easily adapt to various network conditions without compromising performance.

Another standout characteristic is the support for real-time remote access through a web browser, allowing users to connect to their systems from virtually anywhere in the world. Whether for troubleshooting, maintenance, or system management, the AdderLink IP empowers IT professionals with the flexibility they need to perform their duties effectively. The built-in security protocols ensure that access is both secure and reliable.

Moreover, AdderLink IP is designed to be user-friendly. Configuration and management can be performed via an intuitive web interface, simplifying the setup process for users of all technical skill levels. Compatibility with a range of operating systems and devices further enhances its versatility.

Furthermore, the system supports multi-user access, enabling multiple operators to connect to the same devices simultaneously without conflicts. This functionality is particularly useful in collaborative environments where teams need concurrent access to critical systems.

In summary, Adder Technology's AdderLink IP stands out as a robust solution for KVM over IP needs. With its high-quality video transmission, real-time remote access, ease of use, and enhanced security features, it enables organizations to effectively manage their IT infrastructure, thereby boosting productivity and operational efficiency. As the demand for remote access increases, AdderLink IP remains a pivotal component in the evolution of IT management solutions.