During the cr1-eqiad JunOS upgrade, it was discovered that the static IP fallbacks to the Pybal BGP-learned LVS service IPs were stale and obsolete (e.g. they included mobile-lb, did not include a few newer ones or any of the 10/8 service IPs).
The stales are currently deactivated in cr1-eqiad and active (but wrong) on cr2-eqiad. Other sites' (codfw/esams/ulsfo) are likely also stale.
We should immediately fix these to restore our protection from a e.g. Pybal software bug. Moreover, we should fix a routing bug by adding those static routes as non-redistributed routes (but making sure that the supernets are, so that reachability from other sites still works).
Finally, these have been obsoleted a few times, so we should be doing a better job, either process-wise, implementation-wise or both, to make sure this doesn't happen again (and isn't broken at the time where we need it). @BBlack was investigating whether we could use the service IP supernets instead (and last I heard, he said it's possible with minimal amounts of reshuffling). The longer-term plan for this may include Pybal modifications and/or LVS rearchitecturing, and end up in a different task altogether; let's use this for now, though.