[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cloudflare public DNS broken w/ AT&T CPE

In article <20180402150821.GA24937 at cmadams.net> you write:
>Once upon a time, Matt Hoppes <mattlists at rivervalleyinternet.net> said:
>> Seeing as how isnâ??t suppose to be routed
>[citation needed]

Look at the WHOIS info -- is assigned to APNIC Research, and it says

remarks:        ++++++++++++++++++
remarks:        + Address blocks listed with this contact
remarks:        + are withheld from general use and are
remarks:        + only routed briefly for passive testing.
remarks:        +
remarks:        + If you are receiving unwanted traffic
remarks:        + it is almost certainly spoofed source
remarks:        + or hijacked address usage.

There's a comment at the top saying:

descr:          APNIC and Cloudflare DNS Resolver project
descr:          Routed globally by AS13335/Cloudflare
descr:          Research prefix for APNIC Labs

So it's routed deliberately but it sure looks like an experiment.
There's way too much equipment that treats as magic for it to
work reliably.  Captive portals tend to use that address for the host
you contact to log out.