One of these days, I'll get this networking stuff down.
I talked to Dan the Network Engineer about the Riverstone router [1] and it's not the Riverstone that's losing its mind, it's me.
Just because I route outgoing traffic to 172.16.0.0/12 to nowhere on our core router, doesn't mean that incoming traffic “from” 172.16.0.0/12 from “The Outside” (and by “The Outside” I mean, “The Internet At Large”) gets routed to nowhere.
Nope, it gets routed to the destination, which is on the other side of the firewall, which is doing its job and dumping the garbage packets.