I wonder what a programming language would look like if it were intended to be viewed center-aligned. That might be a fun snowstorm/CNY project for any language geeks out there.
Edit: for those of you confused by the red envelopes and fire crackers, happy Lunar New Year (CNY).
The upstreams had a valid route back to it, it just didnt have a valid forward route - and thank goodness because the traceroute boxes got ddosed into oblivion.
This was a trick which ONLY used 1 ip address and some borrowed PTRs. I could have used used space too, but the customers mail probably would have stopped working.
The source of the IP block is an ISP that gets a /20 at a time. Its a fact of life that unused blocks do sit around.
Somebody apparently found it necessary to DDOS this harmless internet curiosity so it does not exist anymore. A reminder that people can be wonderful, and people can be just evil, I guess.
that's really interesting. i have a non-ccie question, though:
if it's sending packets on a dance through a virtual network, why does that have to use public addresses? would using a private network (eg 10.0.0.0) not have worked? why not? (and is it odd for people to still have unused /24 lying around?)
Main reason: You need to have reverse DNS that resolves each IP address to the appropriate Star Wars line. You don't have control over the reverse DNS for IP space you don't own (such as 10.0.0.0/8). Without the reverse DNS you'd just see IP addresses in the traceroute output, and no "It.is.a.period.of.civil.war."
Secondary reason: To prevent IP address spoofing, many routers have "reverse path filtering," which drops packets with source IP addresses that shouldn't be coming from the interface they're coming from. This would put a stop to the ICMP TTL exceeded messages and you'd just see stars in the traceroute output.
There is a surprising amount of unused IP address space out there, which can happen when, for example, an organization has a large allocation and they're not using all of it. This is kind of unfortunate but there's not really a practical way to take small amounts of unused address space and make use of it elsewhere on the Internet.
But the packets aren't addressed to the intermediate routers. All of the packets are addressed to the endpoint, with a TTL value too low to make it there. The intermediate routers just reply with an ICMP Time Exceeded packet.
The real problem is that an ICMP Time Exceeded packet coming from behind NAT would presumably either be blocked by the NAT or else have its address changed to the routable public interface of the NAT device. If the packets are dropped, that would obviously be a problem. If the IP address were changed to that of the NAT box, then all of the reverse DNS lookups would have the same result.
By the way, some traceroute implementations use ICMP Echo Request packets instead of UDP.
But you don't really need a route TO it? Would it technically work to start sending replies back with private IP addresses in the middle of the traceroute? Or do most ISPs filter those even in the replies?
Edit: By the way, that wouldn't have worked for this hack anyways, since you wouldn't be able to control reverse DNS for the private IP addresses.
Rasmus always claimed that he wasn't concerned with beautiful programming that followed a common design pattern or methodology, rather he liked to get things done and so much of PHP is designed in that way.
