For many years, a large customer (telco/VOIP/ISP carrier that should have known better) of a former employer was using 11.0.0.0/8 as an extension of 10.0.0.0/8 and literally forced said employer to carry their routes to those prefixes in those tables (or lose an extremely lucrative contract). At the time, 11/8 was IANA resrved, and my point that it was likely to be allocated to an RIR and subsequently some real entitie(s) on the internet was utterly lost in the pursuit of the almighty dollar. I left that job for greener pastures before IANA allocated that prefix, but I’m sure there were some definite interesting results there when it happened. Owen
On Jan 31, 2024, at 14:45, Tom Beecher <beecher@beecher.cc> wrote:
Even though it is very risky to steal resources from an organization that can deploy a black helicopter or a nuclear warhead over you
Seems a bit dramatic. Companies all over the world have been using other people's public IPs internally for decades. I worked at a place 20 odd years ago that had an odd numbering scheme internally, and it was someone else's public space. When I asked why, the guy who built it said "Well I just liked the pattern."
If you're not announcing someone else's space into the DFZ, or otherwise trying to do anything shady, the three letter agencies aren't likely to come knocking. Doesn't mean anyone SHOULD be doing it, but still.
On Wed, Jan 31, 2024 at 12:49 AM Rubens Kuhl <rubensk@gmail.com <mailto:rubensk@gmail.com>> wrote:
DoD's /8s are usually squatted by networks that run out of private IPv4 space. Even though it is very risky to steal resources from an organization that can deploy a black helicopter or a nuclear warhead over you, for some reason like it not appearing in the DFZ people seem to like it.
Rubens
On Tue, Jan 30, 2024 at 11:40 PM Dave Taht <dave.taht@gmail.com <mailto:dave.taht@gmail.com>> wrote:
That's pretty cool, actually. I keep wondering when someone will offer up a 0.0.0.0/8. <http://0.0.0.0/8.>..
https://www.ietf.org/archive/id/draft-schoen-intarea-unicast-0-00.html
There must be more people out there than just amazon and google that ran out of 10/8.
On Tue, Jan 30, 2024 at 11:29 AM Frank Habicht <geier@geier.ne.tz <mailto:geier@geier.ne.tz>> wrote:
Hi,
I got 2 bounces for the email addresses seen below for an email similar to the below...
Anyone want to remove this IRR entry before anyone notices...??? ;-)
Frank
I believe that the entry of route: 0.0.0.0/32 <http://0.0.0.0/32>
does not serve any good purpose?
I was surprised to see it in a list of prefixes from bgpq4 and the very good https://irrexplorer.nlnog.net/prefix/0.0.0.0 guided me that it's in "Level3".
I'm wondering how many auto-generated filters contain this unnecessary prefix....
PS: Oh, just seen - it's from TODAY. Maybe remove before anyone sees it...?
Thanks for looking into this, Frank
[frank@fisi ~]$ whois -h rr.level3.com <http://rr.level3.com/> 0.0.0.0/32 <http://0.0.0.0/32> [Querying rr.level3.com <http://rr.level3.com/>] [rr.level3.com <http://rr.level3.com/>] route: 0.0.0.0/32 <http://0.0.0.0/32> origin: AS10753 mnt-by: TCCGlobalNV-MNT changed: ankita.grewal@lumen.com <mailto:ankita.grewal@lumen.com> source: LEVEL3 last-modified: 2024-01-30T11:04:49Z
[frank@fisi ~]$ whois -h rr.level3.com <http://rr.level3.com/> TCCGlobalNV-MNT [Querying rr.level3.com <http://rr.level3.com/>] [rr.level3.com <http://rr.level3.com/>] mntner: TCCGlobalNV-MNT descr: TCC Global N.V. auth: CRYPT-PW DummyValue # Filtered for security upd-to: ripehostmaster@eu.centurylink.net <mailto:ripehostmaster@eu.centurylink.net> tech-c: LTHM admin-c: LTHM mnt-by: TCCGlobalNV-MNT changed: ankita.grewal@lumen.com <mailto:ankita.grewal@lumen.com> source: LEVEL3 last-modified: 2024-01-30T11:01:52Z
-- 40 years of net history, a couple songs: https://www.youtube.com/watch?v=D9RGX6QFm5E Dave Täht CSO, LibreQos