Hacker News new | past | comments | ask | show | jobs | submit login

how about routing 1.1.1.0/24 and 1.2.3.0/24 to /dev/null (or equivalent) for some time.

This would interefere with whoever is polluting these addresses and they would stop using them as they would become unusable.




They've _been_ routed like that forever. That's why people have been using them - because it doesn't do any harm (the data gets dropped at the first BGP-aware router). The issue is we can't _start_ using them now.


The problem is that if the router is configured to announce these IP's there is an instant flood of incoming traffic.

You could set the edge routers to drop any traffic to 1.1.1.1, but that still means that the upstream bandwidth is consumed by accepting the packets and then discarding them internally.

With routing at this scale EVERYTHING has a cost, you cannot just accept a blob of traffic without interfering with some other service(s). Every packet has to come down the wire, and then be handled by the router (either dropped or forwarded on).

This scenario is basically an unintended DoS attack.


They've been routed to /dev/null since 1981!


No, they haven't.

These subnets have not been advertised.

The difference is that when a device tries to send a packet to 1.1.1.1, your PC would send the packet to its default gateway, that gateway would send it to your ISP, and one of the ISP's edge routers would determine that there was no route to the host and reply with a message stating the packet is unroutable.

For the classic RFC reserved subnets, like 192.168.0.0, most routers were setup to drop any inbound/outbound packets addressed to or from those subnets, which is more like routing them to /dev/null.


OK, while they may not actually have been dropped or routed to /dev/null in a technical sense, they have been inaccessible in such a way that if making them "inaccessible for a while" was going to reduce the traffic to them, as suggested by the post I was replying to, then it would have had that effect already and this surprise traffic wouldn't be a problem in the first place.


Ah, I see what you were saying. Yes, the problem here is that they WERE unassigned, and so people lazily or unintentionally started using these IP's for other purposes. Now that they are "real", it seems like some portions of these subnets are going to be practically unusable.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: