Cogent's best friend to the rescue: http://bgp.he.net/ip/104.31.18.30#_dns Looks like mostly proxy/torrent sites on that IP address. -- Jason Canady Unlimited Net, LLC Responsive, Reliable, Secure On 2/11/17 5:11 PM, Marco Teixeira wrote:
So... i doubt CloudFlare allocates one ip per domain served... which means Cogent customers will be unable to access other CloudFlare proxied site, served by this same IP, for a particular geographic zone?
--- Marco
On Sat, Feb 11, 2017 at 8:44 PM, Alistair Mackenzie <magicsata@gmail.com> wrote:
Cogent confirmed on the phone that they are the ones who put the blackhole in place. This is after they closed our ticket twice without response.
Purposely didn't mention a website in the ticket yet they asked on the phone if it was regarding thepiratebay so they are very aware of this...
On 11 February 2017 at 15:18, Bryan Holloway <bryan@shout.net> wrote:
Yup, they do indeed. And for fun, I black-listed one of our IPs, and sure enough, the next-hop shows up as 10.255.255.255, and the communities are the same aside from what appear to be regional things.
--
BGP routing table entry for 66.253.214.90/32, version 638637516 Paths: (1 available, best #1, table Default-IP-Routing-Table) Flag: 0x820 23473 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) Origin IGP, localpref 150, valid, internal, best Community: 174:990 174:20912 174:21001 174:22013 Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9
On 2/10/17 1:49 PM, Alistair Mackenzie wrote:
Cogent also have a blackhole route-server that they will provide to you to announce /32's for blackholing.
The address for this is 66.28.1.228 which is the originator for the 104.31.19.30/3 <http://104.31.19.30/32>2 and 104.31.18.30/32 routes.
On 10 February 2017 at 18:46, Jason Rokeach <jason@rokeach.net> wrote:
http://www.cogentco.com/en/network/looking-glass:
BGP routing table entry for 104.31.18.30/32, version 611495773 Paths: (1 available, best #1, table Default-IP-Routing-Table) Local 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) Origin IGP, metric 0, localpref 150, valid, internal, best Community: 174:990 174:20912 174:21001 Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9
BGP routing table entry for 104.31.19.30/32, version 611495772 Paths: (1 available, best #1, table Default-IP-Routing-Table) Local 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) Origin IGP, metric 0, localpref 150, valid, internal, best Community: 174:990 174:20912 174:21001 Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9
Call it a "hunch" but I doubt 10.255.255.255 is a valid next-hop router. On Fri, Feb 10, 2017 at 1:39 PM, Mike Hammett <nanog@ics-il.net> wrote: Have we determined that this is intentional vs. some screw up?
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com
Midwest-IX http://www.midwest-ix.com
----- Original Message -----
From: "Brielle Bruns" <bruns@2mbit.com> To: nanog@nanog.org Sent: Friday, February 10, 2017 12:28:53 PM Subject: Re: backbones filtering unsanctioned sites
On 2/9/17 9:18 PM, Ken Chase wrote:
> https://torrentfreak.com/internet-backbone-provider- > cogent-blocks-pirate-bay-and-other-pirate-sites-170209/
> /kc > > Funny. Someone else got back:
"Abuse cannot not provide you a list of websites that may be encountering reduced visibility via Cogent"
I almost wish I had a Cogent circuit just to bring this up with an account rep. Almost.
I'd very much so view this as a contractual violation on Cogent's
This looks pretty intentional to me. From part.
Cogent keeps contacting me every year wanting to sell me service. This will be a good one to bring up when they call me next time.
-- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org