Cloudflare public DNS broken w/ AT&T CPE

John Levine johnl at
Mon Apr 2 15:17:47 UTC 2018

In article <20180402150821.GA24937 at> you write:
>Once upon a time, Matt Hoppes <mattlists at> said:
>> Seeing as how isn’t suppose to be routed
>[citation needed]

Look at the WHOIS info -- is assigned to APNIC Research, and it says

remarks:        ++++++++++++++++++
remarks:        + Address blocks listed with this contact
remarks:        + are withheld from general use and are
remarks:        + only routed briefly for passive testing.
remarks:        +
remarks:        + If you are receiving unwanted traffic
remarks:        + it is almost certainly spoofed source
remarks:        + or hijacked address usage.

There's a comment at the top saying:

descr:          APNIC and Cloudflare DNS Resolver project
descr:          Routed globally by AS13335/Cloudflare
descr:          Research prefix for APNIC Labs

So it's routed deliberately but it sure looks like an experiment.
There's way too much equipment that treats as magic for it to
work reliably.  Captive portals tend to use that address for the host
you contact to log out.


More information about the NANOG mailing list