Addind routes via client config file. Address & mask format issue

[artem.kg]

Authirities block access to many social networks where I live and few new resources are being blocked every day. I have a VPN server in the public cloud in other location with no traffic filtered. I set my OpenVPN connection in a way that would route only oficcially blocked traffic through VPN connection while remaining local traffic would is routed directly through my ISP. I have lists of CIDR records of the networks that are officially blocked and I need to access via VPN.

Connection works ok and traffic is routed in accordance with my plan except for some routes that return failure notice upon addition. This is obviously related with my lack of competence in routing.

Lists of networks I want to route through my VPN connection was initially in short CIDR format:
13.107.42.0/24

I have converted it myself to format used in config files:
route 13.107.42.0 255.255.255.0

But here is a problem with adding few route records.

Here is the list of blocked networks that I have found:

129.134.0.0/16
147.75.208.0/20
157.240.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
185.89.216.0/22
199.201.64.0/22
204.15.20.0/22

Here is what I converted it into:

route 129.134.0.0 255.255.0.0
route 147.75.208.0 255.255.16.0
route 157.240.0.0 255.255.0.0
route 173.252.64.0 255.255.4.0
route 179.60.192.0 255.255.64.0
route 185.60.216.0 255.255.64.0
route 185.89.216.0 255.255.64.0
route 199.201.64.0 255.255.64.0
route 204.15.20.0 255.255.64.0

Here is excerpt from logfile showing result:

2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 129.134.0.0 MASK 255.255.0.0 172.27.232.1
2022-03-19 11:56:51 Route addition via service succeeded
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 147.75.208.0 MASK 255.255.16.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 157.240.0.0 MASK 255.255.0.0 172.27.232.1
2022-03-19 11:56:51 Route addition via service succeeded
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 173.252.64.0 MASK 255.255.4.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 179.60.192.0 MASK 255.255.64.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 185.60.216.0 MASK 255.255.64.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 185.89.216.0 MASK 255.255.64.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 199.201.64.0 MASK 255.255.64.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed
2022-03-19 11:56:51 C:\WINDOWS\system32\route.exe ADD 204.15.20.0 MASK 255.255.64.0 172.27.232.1
2022-03-19 11:56:51 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=52]
2022-03-19 11:56:51 Route addition via service failed

Can someone please take look and tell me what do I do wrong in converting network formats?

Thanks in advance.

[artem.kg]

I just figured I was using incorrect formula for calculating subnet mask. I was simply doing 2^[number of bits in the octet]. It is wrong way and just happened to work by coincidence for 8 bits in the octet but it is absolutely wrong for any other number. There are plenty onluine calculators that can be used for correct convertation but none of them support bulk lists. I would appleciate someone pointing me to some bulk tool or describe convertion algorythm.

[artem.kg]

Nevermind. I figured the right algorythm and made some Excel automation for convertation. Thanks for reading this.

[Pippin]

Hi,

On Linux I use sipcalc:

Code: Select all

# sipcalc 147.75.208.0/20
-[ipv4 : 147.75.208.0/20] - 0

[CIDR]
Host address            - 147.75.208.0
Host address (decimal)  - 2471219200
Host address (hex)      - 934BD000
Network address         - 147.75.208.0
Network mask            - 255.255.240.0
Network mask (bits)     - 20
Network mask (hex)      - FFFFF000
Broadcast address       - 147.75.223.255
Cisco wildcard          - 0.0.15.255
Addresses in network    - 4096
Network range           - 147.75.208.0 - 147.75.223.255
Usable range            - 147.75.208.1 - 147.75.223.254