top | item 26927455

(no title)

nanliu | 4 years ago

Alibaba for example use DoD address ranges for their management servers running Alicloud services. They assumed since nothing in their cloud platform would connect to those addresses they can use these them to alleviate IPv4 shortage. In Alicloud, the customer have the right to use any RFC1918 addresses, so they had to be creative since they didn’t have sufficient IPv4 addresses.

discuss

sterlind|4 years ago

but if they're not filtering BGP announcements for those ranges (however unlikely), and the GFW isn't blocking traffic out to those addresses (even more unlikely), and the internal metrics were high (super unlikely), I guess it'd slurp out all the traffic? maybe this was a weird smash-and-grab.

Aperocky|4 years ago

You'd be surprised, but GFW is a blacklist not a whitelist, as such the blocked domains and/or IPs are a very small subset of all public addresses out there.