spf-discuss

Re: mail administrator certification example

2004-07-30 10:04:21
John Keown wrote:
> I did not make the rule for the notation. Those are part of the binary number
> system. The total space is the 32 bit octal address space. Therefore there
> are certain mathematical restrictions imposed by both the binary and octal
> notation. The /xx defines that as some power of 2: a /24 is 2 to the 8th power, or
> 256; a /25 is 2 to the 7th, etc.

No, the /xx means use the leftmost xx bits (only). That's why it's called the "prefix length". People may choose to implement it using multiplication and/or division operators but there's no need at all to do so.

> The range is calculated by the mathematical operators or, and, xor and the
> nor operators. The number must be represented in binary format of 0 and 1.

Yes indeed. Taking the original example:

216.65.64.1/24 i.e. 216.65.64.1/255.255.255.0
or in binary format:
Network: 11011000.01000001.01000000.00000001
Netmask: 11111111.11111111.11111111.00000000
Result:  11011000.01000001.01000000.00000000 (AND)
The "correct" way:
216.65.64.0/24 i.e. 216.65.64.0/255.255.255.0
or in binary format:
Network: 11011000.01000001.01000000.00000000
Netmask: 11111111.11111111.11111111.00000000
Result:  11011000.01000001.01000000.00000000 (AND)

Same result, no problem!

> It does appear that the RFC implies that a /24 on a non-boundary is
> acceptable, and from that I say it is doomed.

> As I said, all mail servers have a router built into the mail server, and
> without writing a separate whole new set of rules for every situation that
> may occur and does not adhere to basic mathematical principles, the usefulness
> of these notations is worthless. The overhead to process such variations
> from basic mathematics will severely load the server and make SPF a useless
> idea.

You still haven't given any indication of why a router should have any involvement whatsoever in parsing SPF records. Routers route packets, they don't parse SPF records.

Paul.
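The prefix-length comparison Paul works through above, written out as an added example (not code from the thread or from any SPF implementation): an `ip4:` mechanism is evaluated by ANDing both the mechanism's address and the client address with the mask built from the leftmost N bits, so `216.65.64.1/24` and `216.65.64.0/24` describe the same range. Function names and the sample addresses below are this example's own.

```python
# Added example (not from the thread): CIDR prefix matching the way an SPF
# ip4: mechanism evaluator does it, using only shifts and bitwise AND.
from __future__ import annotations


def ip4_to_int(addr: str) -> int:
    """Pack dotted-quad text into a 32-bit integer, rejecting malformed input."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {addr!r}")
    value = 0
    for o in octets:
        n = int(o, 10)
        if not 0 <= n <= 255:
            raise ValueError(f"bad octet in {addr!r}")
        value = (value << 8) | n
    return value


def int_to_ip4(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_mask(length: int) -> int:
    """Netmask with the leftmost `length` bits set (e.g. /24 -> 255.255.255.0)."""
    if not 0 <= length <= 32:
        raise ValueError(f"bad prefix length: {length}")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF


def parse_ip4_mechanism(spec: str) -> tuple[int, int]:
    """Parse '216.65.64.1/24' into (network, mask); a missing /len means /32.
    Host bits below the prefix are cleared, so a non-boundary address such as
    216.65.64.1/24 canonicalises to 216.65.64.0/24."""
    addr, _, length = spec.partition("/")
    mask = prefix_mask(int(length) if length else 32)
    return ip4_to_int(addr) & mask, mask


def canonical(spec: str) -> str:
    """Render the mechanism with host bits zeroed, e.g. '216.65.64.0/24'."""
    network, mask = parse_ip4_mechanism(spec)
    return f"{int_to_ip4(network)}/{bin(mask).count('1')}"


def ip4_matches(client_ip: str, spec: str) -> bool:
    """True if client_ip is inside the range: AND both sides with the mask
    and compare, exactly the binary operation shown in the thread."""
    network, mask = parse_ip4_mechanism(spec)
    return (ip4_to_int(client_ip) & mask) == network
```

Running `canonical("216.65.64.1/24")` and `canonical("216.65.64.0/24")` both yield `216.65.64.0/24`, and `ip4_matches("216.65.64.200", "216.65.64.1/24")` is true while `ip4_matches("216.65.65.1", "216.65.64.1/24")` is false.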