Validating IP Addresses in an Access Request

SecureChange Requester This topic is intended for SecureChange handlers who are responsible for processing change requests.

IPv4 Address Validation

When an Access Request ticket is created and when it is handled, a validation is performed on the source and destination IP addresses to ensure that only continuous subnets are used.

For the standard CIDR format masks (/0 through /32 or the full netmask that correlates to its matching CIDR format) the valid IP addresses are those for which a logical AND of the respective bits of the IP address and the netmask returns the bits of the address octet.

Example: logical AND truth table

For the IP address a.b.c.d/w.x.y.z, the validation checks that the logical AND returns the following:

Validation

Result

a AND w

a

b AND x

b

c AND y

c

d AND z

d