On Tue, Feb 03, 2009, Nathan Ward wrote:
I think you will find that "most ISPs, if not all" in the DFZ "null route" 0.0.0.0/0.
If they don't have a route covering 1.0.0.0/8, of course packets destined to that prefix will be dropped.
Damn those backup default routes then... violet:~ adrian$ ping 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 56 data bytes 64 bytes from 1.1.1.1: icmp_seq=0 ttl=246 time=584.909 ms 64 bytes from 1.1.1.1: icmp_seq=1 ttl=246 time=478.598 ms ... 6 mumble.gblx.net (69.x.y.z) 11.907 ms 14.086 ms 16.931 ms 7 ge-2-0-0-10g.scr2.nyc1.gblx.net (67.17.108.233) 18.269 ms 16.460 ms 16.369 ms 8 64-76-84-39.static.impsat.com.co (64.76.84.39) 218.169 ms * 136.983 ms $ Reminds me of when I found various ISPs in Asia "leaking" routes somehow, and large chunks of RFC1918 space suddenly became reachable. Imagine my surprise when someone started seeing SNMP data for some "auto detected" SNMP agent IPs suddenly started returning statistics. For SNMP community "public". For randomly named kit, like "netgear" and "cisco" hostnames. Adrian (ObAmusing: said corporate suddenly thought they had more assets and wanted us to track it down for them; they wouldn't take "its not yours" as an answer. Why? Because RFC1918 addresses are private, right, and obviously that means they're -only- visible on -their- network. Thankfully I was a consultant and that was absolutely not in my scope of responsibility..)