[prev in list] [next in list] [prev in thread] [next in thread]
List: inet-access
Subject: Re: AT&T routing a private subnet?
From: "Don Lashier" <dl () newportnet ! com>
Date: 2006-07-24 4:44:16
Message-ID: 200607232144160871.4436EFF7 () mailhost ! newportnet ! com
[Download RAW message or body]
I'm just as surprised your own router is letting them
out - SOP is to blackhole at your border.
Tracing route to 10.23.254.254 over a maximum of 30 hops
1 1 ms 4 ms 1 ms 67.133.60.4
2 67.133.60.4 reports: Destination host unreachable.
Oh, it's comcast.
> I thought they'd immediately fix the routing problem
>and not call the customer to fix it.
BB's don't really care if you shoot yourself in the foot.
- DL
On 7/23/2006 at 4:41 PM David Kovar wrote:
>Greetings,
>
>I'm way out of practice on ISP issues and hope I am posting this to a
>somewhat appropriate list. I was trying to debug a VPN problem and found I
>could ping a private IP address with my VPN turned off. It looks like AT&T
>is allowing a customer to route a private subnet. It took awhile but I
>eventually found someone at AT&T who claimed they'd contact the client but
>who said they couldn't shut this down at their router.
>
>I'm curious about a couple of things:
>
>1) How bad is this? I thought they'd immediately fix the routing problem
>and not call the customer to fix it.
>2) Why wasn't this caught, or never allowed to happen in the first place?
>I'd think, perhaps naively, that this would be something basic to catch
>and/or block.
>
>-David
>
>
>Tracing route to 10.23.254.254 over a maximum of 30 hops
>
> 1 1 ms 1 ms 1 ms 192.168.10.1
> 2 16 ms 8 ms 8 ms 73.64.160.1
> 3 10 ms * 9 ms GE-1-1-sr01.elgranada.ca.sfba.comcast.net
>[68.87
>.199.249]
> 4 19 ms 13 ms 8 ms S-3-0-1-sr01.sanjose.ca.sfba.comcast.net
>[68.87.
>226.57]
> 5 14 ms 18 ms 11 ms GE-4-37-ur06.sanjose.ca.sfba.comcast.net
>[68.87.
>226.105]
> 6 12 ms * 14 ms 10g-9-1-ur05.sanjose.ca.sfba.comcast.net
>[68.87.
>192.53]
> 7 22 ms 13 ms * 10g-9-1-ur04.sanjose.ca.sfba.comcast.net
>[68.87.
>192.49]
> 8 18 ms * * 10g-7-1-ur03.sanjose.ca.sfba.comcast.net
>[68.87.
>192.41]
> 9 23 ms 16 ms * 10g-9-1-ar01.sfsutro.ca.sfba.comcast.net
>[68.87.
>192.37]
>10 * * 13 ms 68.87.226.130
>11 12 ms 10 ms 12 ms 12.117.240.17
>12 69 ms 74 ms 67 ms tbr2032701.sffca.ip.att.net [12.123.12.53]
>13 74 ms 66 ms 75 ms tbr1-cl2.sl9mo.ip.att.net [12.122.10.41]
>14 66 ms 69 ms 69 ms gbr1-p10.sl9mo.ip.att.net [12.122.11.98]
>15 69 ms 61 ms 61 ms ar14-p310.sl9mo.ip.att.net [12.123.209.145]
>16 84 ms 75 ms 72 ms 12-215-1-205.client.mchsi.com [12.215.1.205]
>17 78 ms 80 ms 75 ms 12-215-23-194.client.mchsi.com
>[12.215.23.194]
>18 99 ms 103 ms 87 ms 10.23.254.254
>
>Trace complete.
>
>_______________________________________________
>"Eat sushi frequently". - Avi
>inet@inet-access.net is the human contact address.
>list@inet-access.net is the list posting address.
>See below URL for subscribe/unsubscribe and list options:
>http://inet-access.net/mailman/listinfo/list
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Don Lashier dl@newportnet.com
Newport Internet www.newportnet.com
~~~~~~~~~ Just say NO to HTML email ~~~~~~~~
_______________________________________________
"Eat sushi frequently". - Avi
inet@inet-access.net is the human contact address.
list@inet-access.net is the list posting address.
See below URL for subscribe/unsubscribe and list options:
http://inet-access.net/mailman/listinfo/list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic