[107367] in North American Network Operators' Group
Re: 198.32.64.12 -- Harmless mis-route or potential exploit?
daemon@ATHENA.MIT.EDU (Steve Conte)
Tue Sep 2 18:33:47 2008
From: Steve Conte <conte@isoc.org>
To: "Dan Mahoney, System Admin" <danm@prime.gushi.org>
In-Reply-To: <alpine.BSF.1.10.0809021808500.83763@prime.gushi.org>
Date: Tue, 2 Sep 2008 15:33:42 -0700
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
On Sep 2, 2008, at 3:24 PM, Dan Mahoney, System Admin wrote:
> Hello all,
>
> While recently trying to debug a CEF issue, I found a good number of
> packets in my "debug cef drops" output that were all directed at
> 198.32.64.12 (which I see as being allocated to ep.net but
> completely unused).
>
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
> Sep 2 22:03:25: CEF-Drop: Packet for 198.32.64.12 -- no route
>
> Now, as nearly as I can tell, this IP address has never been used
> for anything, but I see occasional references to it, such as here:
>
Once upon a time, that used to be the IP address for the L Root server.
Steve
>
-----
Steve Conte
conte@isoc.org
