 |
| Taken from http://bgp.he.net/AS237 |
What my coworker saw was this:
| Bogon Prefixes | ||
|---|---|---|
| # | Prefix | Type |
| 1 | 131.0.0.0/16 | unallocated |
| 2 | 131.72.0.0/16 | unallocated |
| 3 | 131.100.0.0/16 | unallocated |
| 4 | 131.108.0.0/16 | unallocated |
| 5 | 131.161.0.0/16 | unallocated |
| 6 | 131.221.0.0/16 | unallocated |
| 7 | 131.255.0.0/16 | unallocated |
| 8 | 132.157.0.0/16 | unallocated |
| 9 | 132.184.0.0/16 | unallocated |
| 10 | 132.191.0.0/16 | unallocated |
| 11 | 132.251.0.0/16 | unallocated |
| 12 | 132.255.0.0/16 | unallocated |
| 13 | 138.0.0.0/16 | unallocated |
| 14 | 138.36.0.0/16 | unallocated |
| 15 | 138.59.0.0/16 | unallocated |
| 16 | 138.94.0.0/16 | unallocated |
| 17 | 138.97.0.0/16 | unallocated |
| 18 | 138.99.0.0/16 | unallocated |
| 19 | 138.117.0.0/16 | unallocated |
| 20 | 138.118.0.0/16 | unallocated |
| 21 | 138.121.0.0/16 | unallocated |
| 22 | 138.122.0.0/16 | unallocated |
| 23 | 138.185.0.0/16 | unallocated |
| 24 | 138.186.0.0/16 | unallocated |
| 25 | 138.204.0.0/16 | unallocated |
| 26 | 138.219.0.0/16 | unallocated |
| 27 | 138.255.0.0/16 | unallocated |
| 28 | 143.0.0.0/16 | unallocated |
| 29 | 143.137.0.0/16 | unallocated |
| 30 | 143.202.0.0/16 | unallocated |
| 31 | 143.208.0.0/16 | unallocated |
| 32 | 143.255.0.0/16 | unallocated |
| 33 | 148.0.0.0/16 | unallocated |
| 34 | 148.101.0.0/16 | unallocated |
| 35 | 148.102.0.0/16 | unallocated |
| 36 | 148.103.0.0/16 | unallocated |
| 37 | 148.255.0.0/16 | unallocated |
| 38 | 152.0.0.0/16 | unallocated |
| 39 | 152.156.0.0/16 | unallocated |
| 40 | 152.166.0.0/16 | unallocated |
| 41 | 152.167.0.0/16 | unallocated |
| 42 | 152.168.0.0/16 | unallocated |
| 43 | 152.169.0.0/16 | unallocated |
| 44 | 152.170.0.0/16 | unallocated |
| 45 | 152.171.0.0/16 | unallocated |
| Bogon Prefixes | ||
|---|---|---|
| # | Prefix | Type |
| 46 | 152.172.0.0/16 | unallocated |
| 47 | 152.173.0.0/16 | unallocated |
| 48 | 152.174.0.0/16 | unallocated |
| 49 | 152.175.0.0/16 | unallocated |
| 50 | 152.200.0.0/16 | unallocated |
| 51 | 152.201.0.0/16 | unallocated |
| 52 | 152.202.0.0/16 | unallocated |
| 53 | 152.203.0.0/16 | unallocated |
| 54 | 152.204.0.0/16 | unallocated |
| 55 | 152.205.0.0/16 | unallocated |
| 56 | 152.206.0.0/16 | unallocated |
| 57 | 152.207.0.0/16 | unallocated |
| 58 | 152.230.0.0/16 | unallocated |
| 59 | 152.231.0.0/16 | unallocated |
| 60 | 152.232.0.0/16 | unallocated |
| 61 | 152.233.0.0/16 | unallocated |
| 62 | 152.234.0.0/16 | unallocated |
| 63 | 152.235.0.0/16 | unallocated |
| 64 | 152.236.0.0/16 | unallocated |
| 65 | 152.237.0.0/16 | unallocated |
| 66 | 152.238.0.0/16 | unallocated |
| 67 | 152.239.0.0/16 | unallocated |
| 68 | 152.240.0.0/16 | unallocated |
| 69 | 152.241.0.0/16 | unallocated |
| 70 | 152.242.0.0/16 | unallocated |
| 71 | 152.243.0.0/16 | unallocated |
| 72 | 152.244.0.0/16 | unallocated |
| 73 | 152.245.0.0/16 | unallocated |
| 74 | 152.246.0.0/16 | unallocated |
| 75 | 152.247.0.0/16 | unallocated |
| 76 | 152.248.0.0/16 | unallocated |
| 77 | 152.249.0.0/16 | unallocated |
| 78 | 152.250.0.0/16 | unallocated |
| 79 | 152.251.0.0/16 | unallocated |
| 80 | 152.252.0.0/16 | unallocated |
| 81 | 152.253.0.0/16 | unallocated |
| 82 | 152.254.0.0/16 | unallocated |
| 83 | 152.255.0.0/16 | unallocated |
| 84 | 161.10.0.0/16 | unallocated |
| 85 | 161.18.0.0/16 | unallocated |
| 86 | 161.22.0.0/16 | unallocated |
| 87 | 161.56.0.0/16 | unallocated |
| 88 | 161.138.0.0/16 | unallocated |
| 89 | 161.140.0.0/16 | unallocated |
| 90 | 161.212.0.0/16 | unallocated |
| Bogon Prefixes | ||
|---|---|---|
| # | Prefix | Type |
| 91 | 161.234.0.0/16 | unallocated |
| 92 | 161.255.0.0/16 | unallocated |
| 93 | 167.0.0.0/16 | unallocated |
| 94 | 167.56.0.0/16 | unallocated |
| 95 | 167.57.0.0/16 | unallocated |
| 96 | 167.58.0.0/16 | unallocated |
| 97 | 167.59.0.0/16 | unallocated |
| 98 | 167.60.0.0/16 | unallocated |
| 99 | 167.61.0.0/16 | unallocated |
| 100 | 167.62.0.0/16 | unallocated |
| 101 | 167.63.0.0/16 | unallocated |
| 102 | 167.108.0.0/16 | unallocated |
| 103 | 167.116.0.0/16 | unallocated |
| 104 | 167.249.0.0/16 | unallocated |
| 105 | 167.250.0.0/16 | unallocated |
| 106 | 168.0.0.0/16 | unallocated |
| 107 | 168.90.0.0/16 | unallocated |
| 108 | 168.121.0.0/16 | unallocated |
| 109 | 168.181.0.0/16 | unallocated |
| 110 | 168.194.0.0/16 | unallocated |
| 111 | 168.195.0.0/16 | unallocated |
| 112 | 168.196.0.0/16 | unallocated |
| 113 | 168.197.0.0/16 | unallocated |
| 114 | 168.205.0.0/16 | unallocated |
| 115 | 168.227.0.0/16 | unallocated |
| 116 | 168.228.0.0/16 | unallocated |
| 117 | 168.232.0.0/16 | unallocated |
| 118 | 170.0.0.0/16 | unallocated |
| 119 | 170.78.0.0/16 | unallocated |
| 120 | 170.79.0.0/16 | unallocated |
| 121 | 170.80.0.0/16 | unallocated |
| 122 | 170.81.0.0/16 | unallocated |
| 123 | 170.82.0.0/16 | unallocated |
| 124 | 170.83.0.0/16 | unallocated |
| 125 | 170.84.0.0/16 | unallocated |
| 126 | 170.150.0.0/16 | unallocated |
| 127 | 170.231.0.0/16 | unallocated |
| 128 | 170.233.0.0/16 | unallocated |
| 129 | 170.238.0.0/16 | unallocated |
| 130 | 170.239.0.0/16 | unallocated |
| 131 | 170.244.0.0/16 | unallocated |
| 132 | 170.245.0.0/16 | unallocated |
| 133 | 170.246.0.0/16 | unallocated |
| 134 | 170.247.0.0/16 | unallocated |
| 135 | 170.254.0.0/16 | unallocated |
| 136 | 191.0.0.0/8 | unallocated |
All of these blocks belong to LACNIC, and, until very recently, they were unallocated. But who could possibly be allowed to acquire 135 slash-sixteens and a slash-eight at a time like this? All of these, it turns out, are being originated by AS237, otherwise known as Merit Network. Sound familiar? Here, then, we have the owners of the world's largest routing registry originating very nearly every (v4) block LACNIC have left, at the same time. What did they plan to do with all those IPs? I decided the easiest way to find out would be to simply ask Merit.
Querying the RADb produced the following:
route: 191.0.0.0/8
descr: Merit Network Inc.
1000 Oakbrook Drive, Suite 200
Ann Arbor
MI 48104, USA
origin: AS237
mnt-by: MAINT-AS237
remarks: This announcement is part of an LACNIC approved experiment.
For additional information please send email to mkarir@merit.edu
changed: mkarir@merit.edu 20110608
source: RADBSo LACNIC approved the release of nearly a slash-eight and a half to Merit for... an experiment? Yes, that's exactly right--and it's an important one, at that.
Last year, Merit and the University of Michigan conducted a (presumably) similar experiment with APNIC for 1.0.0.0/8. By announcing the unallocated block on the Internet and observing the resulting traffic, they were able to check the block for "pollution": unexpected (and unwanted) traffic bound for the addresses within. Though you might not think there would be much demand for a slash-eight that had never been used before, the assembled team found several kinds of errant traffic bound for the block, of which audio traffic composed the overwhelming majority!
Be sure to read the full presentation; it really helps you appreciate all that goes into keeping the web afloat.
Posts
I remember that.
ReplyDelete