nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

From: "John Levine" <johnl () iecc com>
Date: 2 Apr 2018 11:17:47 -0400
In article <20180402150821.GA24937 () cmadams net> you write:

Once upon a time, Matt Hoppes <mattlists () rivervalleyinternet net> said:

Seeing as how 1.1.1.1 isn’t suppose to be routed


[citation needed]


Look at the WHOIS info -- 1.1.1.0/24 is assigned to APNIC Research, and it says

remarks:        ++++++++++++++++++
remarks:        + Address blocks listed with this contact
remarks:        + are withheld from general use and are
remarks:        + only routed briefly for passive testing.
remarks:        +
remarks:        + If you are receiving unwanted traffic
remarks:        + it is almost certainly spoofed source
remarks:        + or hijacked address usage.

There's a comment at the top saying:

descr:          APNIC and Cloudflare DNS Resolver project
descr:          Routed globally by AS13335/Cloudflare
descr:          Research prefix for APNIC Labs

So it's routed deliberately but it sure looks like an experiment.
There's way too much equipment that treats 1.1.1.1 as magic for it to
work reliably.  Captive portals tend to use that address for the host
you contact to log out.

R's,
John
Previous By Date Next
Previous By Thread Next

Current thread: