OpenDNS CGNAT Issues

Owen DeLong owen at
Wed Sep 12 05:03:43 UTC 2018

> On Sep 11, 2018, at 21:58 , Christopher Morrow <morrowc.lists at> wrote:
> On Tue, Sep 11, 2018 at 9:06 PM Jerry Cloe <jerry at <mailto:jerry at>> wrote:
> OpenDNS, or anyone for that matter, should never see 100.64/10 ip's. If they do, something is wrong at the source, and OpenDNS wouldn't be able to reply anyway (or at least have the reply route back to the user).
> maybeopendns peers directly with such an eyeball network? and in that case maybe they have an agreement to accept traffic from the 100.64 space?

They’d only be able to do one such agreement per routing environment.

Managing that would be _UGLY_ for the first one and __UGLY__ at scale for anything more than one.

It also pretty much eliminates potential for geographic diversity and anycast for a provider in a local geography.

Certainly not something I’d choose to do if I were OpenDNS unless someone arrived with a very large truck full of gold, diamonds, or other valuable hard assets.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the NANOG mailing list