We here at AOL have noticed that there are still some people filtering
172.0.0.0/8, which is causing AOL subscribers to get blocked from some
sites. As a matter of general IP route filtering hygene I thought it
worth mentioning (again) to see if we can get this tamped down (or, better
still, stamped out).
For reference, RFC1918 20 bit block space is
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
ARIN-assigned AOL block ranges that have 172 in the first octet are:
172.128.0.0/10
172.192.0.0/12
172.208.0.0/14
Please double check your filters to make sure you are not accidently
blocking AOL in the non-RFC1918 space. It would be useful to pass this
along to your downstreams as well. AOL is also working directly with
the companies who have misconfigured firewalls where we notice problems
with filters.
/vijay
y'all might give us something pingable in that space so we can
do a primitive and incomplete test in a simple fashion.
randy
Those ranges are AOL's dialup pool. Easy way to get something
pingable in that space would be to get yourself a coaster^W AOL CD
from the nearest 7-11 or Burger King
That requires so much effort, most of us won't bother...and no I'm not
being sarcastic, just realistic. Would it be that hard for someone at
aol.net to take a single /32 from that vast IP range and assign it to a
host as an IP alias or router loopback address?
I did that (router loopback to give people something to ping) with a 69/8
IP before setting up 69box.
vijay gill wrote:
y'all might give us something pingable in that space so we can
do a primitive and incomplete test in a simple fashion.
randy
try 172.128.1.1
/vijay
Wouldnt 172.15.255.254 and 172.32.0.1 do better at helping to nail down improper filter issues?
Wont above miss detecting of
172.0.0.0 0.15-127.255.255
172.16.0.0 0.31-63.255.255
while it will catch only
172.0.0.0 0.255.255.255
(disregarding other possible permutations)
?
Also perhaps a traceroute http web site there would be nice also.
Perhaps that is all more trouble than its worth.....