Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

Brielle Bruns bruns at 2mbit.com
Mon Apr 2 21:20:38 UTC 2018


On 4/2/2018 9:35 AM, Simon Lockhart wrote:
> Quite.
> 
> This looks like a willy-waving exercise by Cloudflare coming up with the lowest
> quad-digit IP. They must have known that this would cause routing issues, and
> now suddenly it's our responsibility to make significant changes to live
> infrastructures just so they can continue to look clever with the IP address.
> 
> Simon


I don't see how this is Cloudflare's fault really?  Its the 
responsibility of network maintainers to... well, lets be blunt here, 
maintain their network.

If part of maintaining their network involves updating bogon 
routes/filters, then that's part of maintaining the network that can't 
be lapsed.

This is like the WISPs blaming Ubiquiti for their failure to update 
their CPEs and PtP devices for a security flaw that Ubnt released fix 
for more then a year before (and for not properly securing the 
management interfaces of their network devices).

Or even better, the morons who blocked all of 172.0.0.0/8 even though a 
good portion of that block is live public IP space.  I actually felt 
really bad for AOL having been assigned IP blocks from that space, since 
it had to have created customer complaints at times.

There's only one person to blame here, and it's not the RIRs or Cloudflare.

-- 
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org


More information about the NANOG mailing list