
> Moreover, we did not find any 240/4 prefix in the official prefix list shared by Amazon

Yeah, so about that:

https://github.com/seligman/aws-ip-ranges/commit/2e0d9d87d4f...

They did briefly list 252.0.0.0/10 in their published list of IP ranges. The people I spoke with about this at the time either claimed it was a mistake, or the state of the world that I should get used to (it broke some surprisingly fragile scripts on my side for silly reasons).

Given they removed it from their list of IPs 27 hours later, I'm guessing I wasn't the only person freaking out. But yeah, they use it internally, and it leaks from time to time in surprising ways.




How can it leak when they only use it internally? They would have to announce this IP range specifically through BGP et al, which I can only assume would raise some serious questions, given that they cannot possibly be the official owner of this range?

On the other hand, that’s probably how we ended up with this article. I still don’t understand how this could have been an accident though.


No, these are being found in traceroutes. Any time you end up being routed over a private network you can end up with private non-announced IP addresses being present in said traceroute - seeing 10.x.x.x addresses in the middle of traceroutes is something you will see occasionally as well. When the TTL expires and the router sends the TTL exceeded message back, it has to select SOMETHING for the source IP address, and there's nothing to prevent that choice being the internal IP address it uses.
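
Added example, not part of the thread: a Python sketch that flags traceroute hops answering from space that is never publicly announced (RFC 1918, RFC 6598, 240/4), and applies the same check to a prefix from a published list such as the 252.0.0.0/10 entry mentioned above. The sample traceroute output and the names `classify` and `flag_hops` are constructed for illustration.

```python
import ipaddress
import re

# Special-use IPv4 blocks that should not appear in public BGP announcements.
SPECIAL_USE = {
    "RFC 1918 private": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "RFC 6598 shared (CGNAT)": ["100.64.0.0/10"],
    "RFC 1112 reserved (240/4)": ["240.0.0.0/4"],
}
BLOCKS = [(label, ipaddress.ip_network(n))
          for label, nets in SPECIAL_USE.items() for n in nets]

# Matches "N  addr  ..." and "N  host (addr)  ..." hop lines; timeouts do not match.
HOP_RE = re.compile(r"^\s*(\d+)\s+(?:\S+\s+\()?(\d{1,3}(?:\.\d{1,3}){3})\)?")

def classify(value):
    """Return the special-use label for an address or prefix, or None."""
    net = ipaddress.ip_network(value, strict=False)
    for label, block in BLOCKS:
        if net.subnet_of(block):
            return label
    return None

def flag_hops(traceroute_text):
    """Return (hop number, address, label) for hops replying from special-use space."""
    found = []
    for line in traceroute_text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # header line or "* * *" timeout
        label = classify(m.group(2))
        if label:
            found.append((int(m.group(1)), m.group(2), label))
    return found

# Constructed sample output; addresses are illustrative, not from a real trace.
SAMPLE = """traceroute to example.net (203.0.113.10), 30 hops max
 1  192.168.1.1  1.1 ms
 2  198.51.100.1  8.3 ms
 3  * * *
 4  244.5.0.119  12.7 ms
 5  203.0.113.10  13.0 ms
"""

if __name__ == "__main__":
    for hop, addr, label in flag_hops(SAMPLE):
        print(f"hop {hop}: {addr} is in {label}")
    print("252.0.0.0/10 ->", classify("252.0.0.0/10"))
```

A script that consumes a published prefix list can run `classify` on each entry and skip or log the ones that return a label rather than failing on them.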



