Several times now, I've had to call major ISPs to have them remove firewall rules preventing their customers from accessing the 220.127.116.11/8 network. More often than not, customers have access to my IP block in the 18.104.22.168/8 address space, but their ISPs DNS servers couldn't because they were protected by a different, unmaintained firewall! Most notably, I've had this problem with QWest, MSN, and Road Runner. The 22.214.171.124/8 IP address space was provisioned in September, 2002 and overly paranoid firewall administrators that have put in deny rules in their firewalls to prevent packet spoofing aren't checking to see if the networks they're blocking, have actually been provisioned. Unfortunately, this problem is expounded by ARIN because they don't use their announcement list to inform network administrators that they're provisioning new IP addresses that have been historically reserved. Heads up to firewall administrators, the Internet is changing: only block 127/8, 192.168/16, 10/8, 172.16/12, and maybe 224/8. The sad truth, however, is this wouldn't be necessary if ISPs would do the appropriate ingress and egress filtering. ::sigh::
Slashdot, could you please help by raising the awareness of this problem and posting this as a wakeup to firewall admins? Thanks.