From Comcast Cable, at my home in Atlanta, I can ping 10.10.1.1.... which is pong'ed from a private client network hanging somewhere off of Insight Broadband's network in the North Central part of the US. Why on god's green earth do network operators allow such nonsense as this?
-Jim P. Traceroute -I 10.10.1.1 produces the following: traceroute to 10.10.1.1 (10.10.1.1), 30 hops max, 38 byte packets 1 10.238.10.1 (10.238.10.1) 29.089 ms 25.387 ms 28.574 ms 2 66.56.22.66 (66.56.22.66) 30.923 ms 31.305 ms 33.142 ms 3 66.56.22.70 (66.56.22.70) 35.945 ms 35.874 ms 36.832 ms 4 c-66-56-23-38.atl.client2.attbi.com (66.56.23.38) 34.740 ms 35.041 ms 37.537 ms 5 12.118.184.41 (12.118.184.41) 41.967 ms 45.584 ms 43.997 ms 6 gbr2-p70.attga.ip.att.net (12.123.21.6) 44.988 ms 44.706 ms 43.033 ms 7 tbr2-p013602.attga.ip.att.net (12.122.12.37) 49.353 ms 44.010 ms 45.244 ms 8 12.122.10.138 (12.122.10.138) 62.244 ms 62.269 ms 62.148 ms 9 gbr1-p40.sl9mo.ip.att.net (12.122.11.114) 60.922 ms 67.005 ms 60.264 ms 10 gar1-p360.sl9mo.ip.att.net (12.123.24.209) 59.572 ms 64.013 ms 60.198 ms 11 12-220-0-69.client.insightBB.com (12.220.0.69) 77.000 ms 76.050 ms 77.926 ms 12 12-220-7-198.client.insightBB.com (12.220.7.198) 95.437 ms 80.068 ms 84.076 ms 13 10.10.1.1 (10.10.1.1) 93.612 ms 97.280 ms 192.994 ms
Jim Popovitch wrote:
From Comcast Cable, at my home in Atlanta, I can ping 10.10.1.1.... which is pong'ed from a private client network hanging somewhere off of Insight Broadband's network in the North Central part of the US. Why on god's green earth do network operators allow such nonsense as this?
FWIW, I get the same result from Comcast residential coax service from Santa Clara, CA using a plain ol' *nix UDP traceroute. (This is not ICMP specific.) raceroute 10.10.1.1 traceroute to 10.10.1.1 (10.10.1.1), 64 hops max, 44 byte packets [snip my internal net] 3 12.244.25.145 (12.244.25.145) 17.315 ms 17.378 ms 17.492 ms 4 12.244.67.17 (12.244.67.17) 33.548 ms 23.702 ms 13.066 ms 5 12.244.72.206 (12.244.72.206) 21.554 ms 18.118 ms 18.589 ms 6 gbr2-p50.sffca.ip.att.net (12.123.13.62) 23.677 ms 31.973 ms 18.647 ms 7 tbr1-p012702.sffca.ip.att.net (12.122.11.69) 24.447 ms 19.266 ms 19.036 ms 8 tbr1-cl2.sl9mo.ip.att.net (12.122.10.41) 73.801 ms 66.745 ms 71.541 ms 9 gbr2-p10.sl9mo.ip.att.net (12.122.11.102) 68.524 ms 62.157 ms 66.172 ms 10 gar1-p370.sl9mo.ip.att.net (12.123.24.213) 68.568 ms 65.325 ms 62.455 ms 11 12-220-0-69.client.insightBB.com (12.220.0.69) 93.072 ms 98.102 ms 91.132 ms 12 12-220-7-198.client.insightBB.com (12.220.7.198) 88.131 ms 83.943 ms 85.713 ms 13 10.10.1.1 (10.10.1.1) 159.507 ms 101.956 ms 95.575 ms I know that Comcast (formerly AT&T BB) uses the 10-net internally on their transit networks so they can't just blackhole the stuff. Insight's ISP is AT&T (now Comcast?). Looking quickly at the AT&T looking glass, Insight appears to not have its own AS. RFC1918 successfully crossing between ASes would be a Very Bad Thing. However, it looks like it is completely within AT&T here. Not a Good Thing, but not the end of the world. For all I know, 10.10.1.1 might be AT&T equipment using their internal 10-net.
Traceroute -I 10.10.1.1 produces the following:
traceroute to 10.10.1.1 (10.10.1.1), 30 hops max, 38 byte packets 1 10.238.10.1 (10.238.10.1) 29.089 ms 25.387 ms 28.574 ms 2 66.56.22.66 (66.56.22.66) 30.923 ms 31.305 ms 33.142 ms 3 66.56.22.70 (66.56.22.70) 35.945 ms 35.874 ms 36.832 ms 4 c-66-56-23-38.atl.client2.attbi.com (66.56.23.38) 34.740 ms 35.041 ms 37.537 ms 5 12.118.184.41 (12.118.184.41) 41.967 ms 45.584 ms 43.997 ms 6 gbr2-p70.attga.ip.att.net (12.123.21.6) 44.988 ms 44.706 ms 43.033 ms 7 tbr2-p013602.attga.ip.att.net (12.122.12.37) 49.353 ms 44.010 ms 45.244 ms 8 12.122.10.138 (12.122.10.138) 62.244 ms 62.269 ms 62.148 ms 9 gbr1-p40.sl9mo.ip.att.net (12.122.11.114) 60.922 ms 67.005 ms 60.264 ms 10 gar1-p360.sl9mo.ip.att.net (12.123.24.209) 59.572 ms 64.013 ms 60.198 ms 11 12-220-0-69.client.insightBB.com (12.220.0.69) 77.000 ms 76.050 ms 77.926 ms 12 12-220-7-198.client.insightBB.com (12.220.7.198) 95.437 ms 80.068 ms 84.076 ms 13 10.10.1.1 (10.10.1.1) 93.612 ms 97.280 ms 192.994 ms
-- Crist J. Clark crist.clark@globalstar.com Globalstar Communications (408) 933-4387 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmaster@globalstar.com
At 05:02 PM 10/18/2004, Crist Clark wrote:
Jim Popovitch wrote:
From Comcast Cable, at my home in Atlanta, I can ping 10.10.1.1.... which is pong'ed from a private client network hanging somewhere off of Insight Broadband's network in the North Central part of the US. Why on god's green earth do network operators allow such nonsense as this?
FWIW, I get the same result from Comcast residential coax service from Santa Clara, CA using a plain ol' *nix UDP traceroute. (This is not ICMP specific.)
Interesting to see who does and doesn't apply bogon filters to their BGP sessions. From a Verio space, the packets do not make it past a default-free router. Good filtering. From AT&T space, the trace goes all the way to InsightBB, no filtering of prefixes. It appears XO does not filter, but that whomever they try to hand the traffic off to in Dallas does filter. Comcast (New England) seems to have some level of filtering, but has a default route loop between Lowell, MA and Needham, MA in their traces. Nice. Appears level3.net filters properly. The presence of the route did provide a nice set of data to see whose networks are implementing filtering.
raceroute 10.10.1.1 traceroute to 10.10.1.1 (10.10.1.1), 64 hops max, 44 byte packets [snip my internal net] 3 12.244.25.145 (12.244.25.145) 17.315 ms 17.378 ms 17.492 ms 4 12.244.67.17 (12.244.67.17) 33.548 ms 23.702 ms 13.066 ms 5 12.244.72.206 (12.244.72.206) 21.554 ms 18.118 ms 18.589 ms 6 gbr2-p50.sffca.ip.att.net (12.123.13.62) 23.677 ms 31.973 ms 18.647 ms 7 tbr1-p012702.sffca.ip.att.net (12.122.11.69) 24.447 ms 19.266 ms 19.036 ms 8 tbr1-cl2.sl9mo.ip.att.net (12.122.10.41) 73.801 ms 66.745 ms 71.541 ms 9 gbr2-p10.sl9mo.ip.att.net (12.122.11.102) 68.524 ms 62.157 ms 66.172 ms 10 gar1-p370.sl9mo.ip.att.net (12.123.24.213) 68.568 ms 65.325 ms 62.455 ms 11 12-220-0-69.client.insightBB.com (12.220.0.69) 93.072 ms 98.102 ms 91.132 ms 12 12-220-7-198.client.insightBB.com (12.220.7.198) 88.131 ms 83.943 ms 85.713 ms 13 10.10.1.1 (10.10.1.1) 159.507 ms 101.956 ms 95.575 ms
I know that Comcast (formerly AT&T BB) uses the 10-net internally on their transit networks so they can't just blackhole the stuff. Insight's ISP is AT&T (now Comcast?). Looking quickly at the AT&T looking glass, Insight appears to not have its own AS. RFC1918 successfully crossing between ASes would be a Very Bad Thing. However, it looks like it is completely within AT&T here. Not a Good Thing, but not the end of the world. For all I know, 10.10.1.1 might be AT&T equipment using their internal 10-net.
Traceroute -I 10.10.1.1 produces the following: traceroute to 10.10.1.1 (10.10.1.1), 30 hops max, 38 byte packets 1 10.238.10.1 (10.238.10.1) 29.089 ms 25.387 ms 28.574 ms 2 66.56.22.66 (66.56.22.66) 30.923 ms 31.305 ms 33.142 ms 3 66.56.22.70 (66.56.22.70) 35.945 ms 35.874 ms 36.832 ms 4 c-66-56-23-38.atl.client2.attbi.com (66.56.23.38) 34.740 ms 35.041 ms 37.537 ms 5 12.118.184.41 (12.118.184.41) 41.967 ms 45.584 ms 43.997 ms 6 gbr2-p70.attga.ip.att.net (12.123.21.6) 44.988 ms 44.706 ms 43.033 ms 7 tbr2-p013602.attga.ip.att.net (12.122.12.37) 49.353 ms 44.010 ms 45.244 ms 8 12.122.10.138 (12.122.10.138) 62.244 ms 62.269 ms 62.148 ms 9 gbr1-p40.sl9mo.ip.att.net (12.122.11.114) 60.922 ms 67.005 ms 60.264 ms 10 gar1-p360.sl9mo.ip.att.net (12.123.24.209) 59.572 ms 64.013 ms 60.198 ms 11 12-220-0-69.client.insightBB.com (12.220.0.69) 77.000 ms 76.050 ms 77.926 ms 12 12-220-7-198.client.insightBB.com (12.220.7.198) 95.437 ms 80.068 ms 84.076 ms 13 10.10.1.1 (10.10.1.1) 93.612 ms 97.280 ms 192.994 ms
-- Crist J. Clark crist.clark@globalstar.com Globalstar Communications (408) 933-4387
The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmaster@globalstar.com
AT&T normally rejects bogons such as RFC1918, urpf-detected forgeries from customers, traffic pointed at internal network routers, etc. However, AT&T's network does support MPLS, so if InsightBB is part of the Comcast cloud, it may be that this _looks_ like the public internet but is really an MPLS private network cloud that happens to use similar addresses and only reaches the Internet through gateways, in spite of being carried on much of the same hardware. Disclaimer: As a Comcast stockholder, I probably should know their architecture and whether or not InsightBB is part of their company, but all I really know about it is that cable companies have a history of doing funky things, particularly with NAT, which is one of many reasons I use DSL at home instead of cable modems. And this posting is strictly my private speculation, not my employer's. Bill Stewart
participants (4)
-
Bill Stewart
-
Crist Clark
-
Daniel Senie
-
Jim Popovitch