Yup, they do indeed. And for fun, I black-listed one of our IPs, and sure enough, the next-hop shows up as 10.255.255.255, and the communities are the same aside from what appear to be regional things. -- BGP routing table entry for 66.253.214.90/32, version 638637516 Paths: (1 available, best #1, table Default-IP-Routing-Table) Flag: 0x820 23473 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) Origin IGP, localpref 150, valid, internal, best Community: 174:990 174:20912 174:21001 174:22013 Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9 On 2/10/17 1:49 PM, Alistair Mackenzie wrote:
Cogent also have a blackhole route-server that they will provide to you to announce /32's for blackholing.
The address for this is 66.28.1.228 which is the originator for the 104.31.19.30/3 <http://104.31.19.30/32>2 and 104.31.18.30/32 routes.
On 10 February 2017 at 18:46, Jason Rokeach <jason@rokeach.net> wrote:
This looks pretty intentional to me. From http://www.cogentco.com/en/network/looking-glass:
BGP routing table entry for 104.31.18.30/32, version 611495773 Paths: (1 available, best #1, table Default-IP-Routing-Table) Local 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) Origin IGP, metric 0, localpref 150, valid, internal, best Community: 174:990 174:20912 174:21001 Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9
BGP routing table entry for 104.31.19.30/32, version 611495772 Paths: (1 available, best #1, table Default-IP-Routing-Table) Local 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) Origin IGP, metric 0, localpref 150, valid, internal, best Community: 174:990 174:20912 174:21001 Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9
Call it a "hunch" but I doubt 10.255.255.255 is a valid next-hop router.
On Fri, Feb 10, 2017 at 1:39 PM, Mike Hammett <nanog@ics-il.net> wrote:
Have we determined that this is intentional vs. some screw up?
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com
Midwest-IX http://www.midwest-ix.com
----- Original Message -----
From: "Brielle Bruns" <bruns@2mbit.com> To: nanog@nanog.org Sent: Friday, February 10, 2017 12:28:53 PM Subject: Re: backbones filtering unsanctioned sites
On 2/9/17 9:18 PM, Ken Chase wrote:
https://torrentfreak.com/internet-backbone-provider- cogent-blocks-pirate-bay-and-other-pirate-sites-170209/
/kc
Funny. Someone else got back:
"Abuse cannot not provide you a list of websites that may be encountering reduced visibility via Cogent"
I almost wish I had a Cogent circuit just to bring this up with an account rep. Almost.
I'd very much so view this as a contractual violation on Cogent's part.
Cogent keeps contacting me every year wanting to sell me service. This will be a good one to bring up when they call me next time.
-- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org