Suddenly, I feel very much like a newbie...
For quite some time, our perimeter 2600 T-1 router (12.1) has had ip route entries directing Chinese IPs to null0. For example: ip route 59.32.0.0 255.224.0.0 Null0.
The thought was any web traffic to or from these IPs would be discarded with less CPU burden than running an ACL, while shielding end users from potential malware hosted in a geographic area where we have no business contact. Or at least, I had smuggly thought so.
Ping and traceroute to these IPs fail as expected, but now I find that clients going to one of these IPs with a web browser has no problem.
Why does the router with the ip route to null0 command line permit these packets to flow through?
Thanks,
Benoit