Just had an interesting experience with one of my servers. There have been complaints, few and far between though, that certain people couldn't access the server. I always checked if they were in the blocked IP list, and no, they weren't. They were always third parties with whom it was hard to do any diagnostics, however, so I wrote them off. Finally, it reached a head today when a client found out they couldn't access their sites all of a sudden, so we took some time to diagnose it.
It turns out that the installation of APF (a basic firewall system for Linux) had a set of rules designed to block traffic from non-routable and reserved IP groups. These IP groups included newly legitimate groups, which are now becoming necessary as the IPv4 address space runs out of steam. I removed these rules, and the customer could get through perfectly.
My server has never had this problem, so I wrote a quick Perl script to scan my RSS Digest logs (1.6GB of them) and see how many people are actually using these previously reserved blocks. Turns out it's about 5-7%! So, if you're running a server and have APF on there, check your /etc/apf/firewall file for a long list of blocked unroutable IP addresses. They may not be so unroutable after all.
After the fact, I found more information here.
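The kind of log audit described above, as an added example in Python (not the original Perl script): it counts how many requests and distinct clients in an access log fall inside a stale "reserved" block list. The block list format, the function names and all sample data are assumptions; the prefixes are RFC 5737 documentation ranges standing in for whatever your own firewall rules list.

```python
import ipaddress
from collections import Counter

# Constructed stand-in for a stale "reserved networks" list, one CIDR per line
# (assumed format). Substitute the entries your own firewall actually blocks.
STALE_BLOCKLIST = """
198.51.100.0/24   # placeholder entry
203.0.113.0/24    # placeholder entry
"""

# Constructed access-log lines; the client address is the first field.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2005:10:00:01 +0000] "GET /digest HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2005:10:00:02 +0000] "GET /digest HTTP/1.1" 200 512
192.0.2.10 - - [01/Jan/2005:10:00:05 +0000] "GET /digest HTTP/1.1" 200 512
203.0.113.200 - - [01/Jan/2005:10:00:09 +0000] "GET /digest HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2005:10:01:00 +0000] "GET /digest HTTP/1.1" 200 512
unknown-host - - [01/Jan/2005:10:01:30 +0000] "GET /digest HTTP/1.1" 200 512
192.0.2.55 - - [01/Jan/2005:10:02:00 +0000] "GET /digest HTTP/1.1" 200 512
"""

def load_networks(text):
    """Parse CIDR entries, ignoring blank lines and '#' comments."""
    entries = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return [ipaddress.ip_network(e, strict=False) for e in entries if e]

def audit(log_text, networks):
    """Count requests and distinct clients that the block list would drop."""
    per_network, clients, affected = Counter(), set(), set()
    requests = 0
    for line in log_text.splitlines():
        try:
            addr = ipaddress.ip_address(line.split(None, 1)[0])
        except (IndexError, ValueError):
            continue  # blank line, hostname, or malformed address
        requests += 1
        clients.add(addr)
        net = next((n for n in networks
                    if n.version == addr.version and addr in n), None)
        if net is not None:
            per_network[str(net)] += 1
            affected.add(addr)
    return {"requests": requests, "clients": len(clients),
            "affected_requests": sum(per_network.values()),
            "affected_clients": len(affected),
            "per_network": dict(per_network)}

if __name__ == "__main__":
    print(audit(SAMPLE_LOG, load_networks(STALE_BLOCKLIST)))
```

Run against logs from a host that does not apply the block list, the per-network counts show which entries are dropping real visitors and should be reviewed first.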
Thank you for the heads up, we have used this and it has resolved similar issues we experienced. We have a quick question though: We have blocked certain IP numbers that were creating numerous brute forces, and as a result of these attacks we inadvertently blocked a legitimate IP number. How do we unblock a legitimate IP from gaining access to our server?
Trust this makes sense and that you can provide an answer.
Kind Regards
John
Posted by: John at May 4, 2005 11:15 PM