What Is T-Mobile Doing With It's Data Network?

semijim

    Would somebody from T-Mobile care to comment?

     

    On the 4th of last month our NetGear LB1120 LTE modem on T-Mobile was assigned an IP address of 29.20.18.225. That's in a netblock assigned to the United States military. Unsurprisingly: It didn't work.  By the time I got T-Mobile on the line a modem cold start fixed the problem.

     

    Wrote it off as an anomaly.

     

    Then it happened again on the 24th, only this time it was 25.124.195.184. That one's in a netblock assigned to the UK Ministry of Defence. Said "To heck with this" and threw both netblocks into my router's BOGON list (see: "What's a bogon" at http://packetlife.net/blog/2009/jan/21/whats-bogon/), restarted the modem, got a normal T-Mobile IP address again.

     

    Then it happened again yesterday morning (Sep. 1):  6.97.192.190. That one's in another U.S. military netblock. Tossed that network into the BOGON list and restarted the modem, but, as on the 24th, the modem wouldn't give it up right away.  Eventually it did, only to return to one of the two previously BOGON-listed netblocks, then, eventually a netblock owned by the IETF (10.0.0.0/8, which was already on my network BOGON list, as it's a well-known illegitimate netblock).

     

    Thinking perhaps T-Mobile had a bad actor on its network I spent nearly an hour on the phone with T-Mobile tech support.  After being escalated twice I hit a brick wall with the CSR saying (paraphrased) "I have no way of telling what's going on. I'll push it up to our bug bounty people, but there's no guarantee they'll follow-up on it."

     

    I messed with this for a goodly portion of the day, during part of which I was half convinced my modem had been compromised.

     

    Eventually I discovered these IP addresses actually appeared to work, despite the fact they should not, and that they are NAT'ed back into legitimate T-Mobile IP space.

     

    I suspect I know what's going on: It looks like T-Mobile's network engineers are using what they believe to be unused IP netblocks assigned to others to create "private" network space, then NAT'ing those back into T-Mobile's own network space.

     

    Is this what's going on, T-Mobile?

     

    Btw: Unlike the other three illegitimate netblocks I've seen, so far, 6.0.0.0/8 has an Autonomous  System Number (AS668), so it could either be in-use or be put to use by the United States Military at any time.

      All replies

      • semijim

        Re: What Is T-Mobile Doing With It's Data Network?

        Nothing? T-Mobile's using network addresses assigned to other entities, government, military entities, and neither T-Mobile nor anybody else has any comment?

        • hobbit

          Re: What Is T-Mobile Doing With It's Data Network?

          This seems like normal behavior -- what you get assigned for a v4 address is largely irrelevant.

          The key thing is that you get assigned an ipv6 address, and your ipv4 traffic gets tunneled

          *through* that.  The address of your tunnel interface can be just about anything, because

          for the most part it's local to your device and if it shows up de-tunneled at the T-Mo

          internet gateway, it immediately gets NATed before it hits the real internet.  So unless

          you're actually trying to reach the sites whose netblocks T-Mo has usurped as "private"

          networks, it doesn't matter in the grand scheme of things.

           

          It is, however, unorthodox.  T-Mo's network engineers should know better, but there

          may be some compelling business reason that they cheat.  A properly designed

          private network *should* be able to map all of its infrastructure within 10.0.0.0/8

          but heck, maybe there are more subscribers than would make that practical.

          Bottom line, it's arbitrary, don't sweat it.