As I understand it, the IP range 100.64.0.0/10 is restricted for use by Internet Service Providers, within their own networks.
Therefore, we should not see any traffic with destination addresses within this space on a private network that connects to a Public IP.
Examination of the logs of internal network traffic at a customer shows these destinations occasionally (e.g. one or two firewall logs in four days), mainly from iPhones and Android devices.
Should I be suspicious of this traffic?
Should I permanently block the 100.64.0.0/10 range in all firewall Policies (from both Trusted and Untrusted BYOD networks)?
Thoughts and advice, anyone?
This is posted in the Vodafone forum as the customer in question is a Vodafone customer, and there may be some VF-specific answers - but this is also a general question for any network.
Same site as this previous forum post (possibly related issue)