[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Wrong use of 100.64.0.0/10

Subject: Wrong use of 100.64.0.0/10
From: streiner at cluebyfour.org (Justin M. Streiner)
Date: Fri, 2 Oct 2015 10:52:15 -0400 (EDT)
In-reply-to: <CAOAnmEjYNg-W6AEm4ode_fFeWgeX1=6w8ATupGWP4P+K0jW8=A@mail.gmail.com>
References: <CAOAnmEjYNg-W6AEm4ode_fFeWgeX1=6w8ATupGWP4P+K0jW8=A@mail.gmail.com>

On Fri, 2 Oct 2015, Marco Paesani wrote:

> Hi,
> probably this route is wrong, see RFC 6598, as you can see:
>
> show route 100.64.0.0/10
>
> inet.0: 563509 destinations, 1528595 routes (561239 active, 0 holddown,
> 3898 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 100.100.1.0/24     *[BGP/170] 2d 14:46:05, MED 100, localpref 100
>                      AS path: 5580 9498 9730 I, validation-state:
> unverified
>                    > to 78.152.54.166 via ge-2/0/0.0

My guess is someone leaking an internal route.  It's not uncommon to see 
people using random IPv4 space for internal purposes.  Ranges such as
100.100.x.0/24 or 20.20.x.0/24 are often mis-used in this way.

It also looks like at least one of their upsteams is not filtering out any 
advertisements from 100.64/10.

jms

Follow-Ups:
- Wrong use of 100.64.0.0/10
  - From: marco at paesani.it (Marco Paesani)

References:
- Wrong use of 100.64.0.0/10
  - From: marco at paesani.it (Marco Paesani)

Prev by Date: /27 the new /24
Next by Date: How to force rapid ipv6 adoption
Previous by thread: Wrong use of 100.64.0.0/10
Next by thread: Wrong use of 100.64.0.0/10
Index(es):
- Date
- Thread