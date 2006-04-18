[...] The Cloudflare-APNIC experiment uses two IPv4 address ranges, 1.1.1/24 and 1.0.0/24, which have been reserved for research use. Cloudflare's new DNS uses two addresses within those ranges, 1.1.1.1 and 1.0.0.1.

These address ranges were originally configured as "dark traffic addresses", and some years ago APNIC partnered with Google to analyse the unsolicited traffic directed at them. There was a lot of it.

"Our initial work with it certainly showed it to be an unusually strong attractor for bad traffic. At the time we stopped doing it with Google, it was over 50 gigabits per second. Quite frankly, few folk can handle that much noise," Huston told ZDNet on Wednesday.

By putting Cloudflare's DNS on these research addresses, APNIC gets to see the noise as well as the DNS traffic -- or at least "a certain factored amount" of it -- for research purposes.

[...] While 1.1.1.1 is meant to have been used only for research, the Cloudflare-APNIC experiment has revealed that many operational systems have been using it in a variety of dirty hacks that breach internet routing standards.

[...] "Some folk, without any material to justify it, started configuring 1.1.1.1. Now, I can start using your IP address, I suppose, but we're both going to have a problem," Huston told ZDNet, laughing.

"In this case, I'm not sure that it really impacts upon the folk who are advertising the address, and to some extent because I am looking at the junk traffic that hits that address, it all adds to the interesting junk. But you shouldn't be doing it."

While Huston has yet to analyse any of the junk traffic in this new experiment, he said that it can still be measured in multiple gigabits per second.

"There's a lot of rubbish out there," he said.