Cogent confirmed on the phone that they are the ones who put the blackhole in place. This is after they closed our ticket twice without response.
Purposely didn't mention a website in the ticket yet they asked on the phone if it was regarding thepiratebay so they are very aware of this... On 11 February 2017 at 15:18, Bryan Holloway <br...@shout.net> wrote: > Yup, they do indeed. And for fun, I black-listed one of our IPs, and sure > enough, the next-hop shows up as 10.255.255.255, and the communities are > the same aside from what appear to be regional things. > > -- > > BGP routing table entry for 66.253.214.90/32, version 638637516 > Paths: (1 available, best #1, table Default-IP-Routing-Table) > Flag: 0x820 > 23473 > 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) > Origin IGP, localpref 150, valid, internal, best > Community: 174:990 174:20912 174:21001 174:22013 > Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9 > > > > On 2/10/17 1:49 PM, Alistair Mackenzie wrote: > >> Cogent also have a blackhole route-server that they will provide to you to >> announce /32's for blackholing. >> >> The address for this is 66.28.1.228 which is the originator for the >> 104.31.19.30/3 <http://104.31.19.30/32>2 and 104.31.18.30/32 routes. >> >> >> On 10 February 2017 at 18:46, Jason Rokeach <ja...@rokeach.net> wrote: >> >> This looks pretty intentional to me. From >>> http://www.cogentco.com/en/network/looking-glass: >>> >>> BGP routing table entry for 104.31.18.30/32, version 611495773 >>> Paths: (1 available, best #1, table Default-IP-Routing-Table) >>> Local >>> 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) >>> Origin IGP, metric 0, localpref 150, valid, internal, best >>> Community: 174:990 174:20912 174:21001 >>> Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9 >>> >>> BGP routing table entry for 104.31.19.30/32, version 611495772 >>> Paths: (1 available, best #1, table Default-IP-Routing-Table) >>> Local >>> 10.255.255.255 (metric 10177050) from 154.54.66.21 (154.54.66.21) >>> Origin IGP, metric 0, localpref 150, valid, internal, best >>> Community: 174:990 174:20912 174:21001 >>> Originator: 66.28.1.228, Cluster list: 154.54.66.21, 66.28.1.9 >>> >>> >>> Call it a "hunch" but I doubt 10.255.255.255 is a valid next-hop router. >>> >>> On Fri, Feb 10, 2017 at 1:39 PM, Mike Hammett <na...@ics-il.net> wrote: >>> >>> Have we determined that this is intentional vs. some screw up? >>>> >>>> >>>> >>>> >>>> ----- >>>> Mike Hammett >>>> Intelligent Computing Solutions >>>> http://www.ics-il.com >>>> >>>> Midwest-IX >>>> http://www.midwest-ix.com >>>> >>>> ----- Original Message ----- >>>> >>>> From: "Brielle Bruns" <br...@2mbit.com> >>>> To: nanog@nanog.org >>>> Sent: Friday, February 10, 2017 12:28:53 PM >>>> Subject: Re: backbones filtering unsanctioned sites >>>> >>>> On 2/9/17 9:18 PM, Ken Chase wrote: >>>> >>>>> https://torrentfreak.com/internet-backbone-provider- >>>>> >>>> cogent-blocks-pirate-bay-and-other-pirate-sites-170209/ >>>> >>>>> >>>>> /kc >>>>> >>>>> >>>> Funny. Someone else got back: >>>> >>>> "Abuse cannot not provide you a list of websites that may be >>>> encountering reduced visibility via Cogent" >>>> >>>> I almost wish I had a Cogent circuit just to bring this up with an >>>> account rep. Almost. >>>> >>>> I'd very much so view this as a contractual violation on Cogent's part. >>>> >>>> Cogent keeps contacting me every year wanting to sell me service. This >>>> will be a good one to bring up when they call me next time. >>>> >>>> -- >>>> Brielle Bruns >>>> The Summit Open Source Development Group >>>> http://www.sosdg.org / http://www.ahbl.org >>>> >>>> >>>> >>>