Example: Complex Mapping - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

A company must use the IP/mask 192.0.2.0/13 to restrict all employees of certain departments from accessing the database. This mask, with a value not divisible by 8, includes many additional IP addresses beyond the 255 x 255 addresses represented by the zeros in segments three and four, because it also partially masks segment two.

The following masking analysis helps explain the effect of a partial segment mask on the content of the top level subnet address:
  • AND the binary values of the subnet address with those of the mask:
    11000000.00000000.00000010.00000000 (192.0.2.0)
    11111111.11111000.00000000.00000000 (255.248.0.0 or /13)
    ________________________________
    11000000.00000000.00000010.00010000 (192.0.2.22)
  • The result shows the first 13 digits in bold text to indicate that they must be present in any address allowed by the allow element. Note that the first 13 digits of the result match the first 13 digits of the original range. The remaining 19 digits appear in normal text to indicate that they can be either a zero or a 1 and still be part of the subnet.
  • Expressing all 19 digits as 1, while retaining the first 13 digits as shown in bold, results in the largest possible address in this subnet, or 11000000.11111111.11111111.11111111 (192.255.255.255).
  • The total range of addresses in subnet 192.0.0.0/13 includes all addresses from 192.00.0.0 through 192.0.255.255.

To apply partial segment masking to IP filters, see Example: Secondary Element Processing—Single Address Exception and Example: Secondary Element Processing—Carve Out Exception.