nanog mailing list archives
Re: Who is announcing bogons?
From: Jack Bates <jbates () brightok net>
Date: Mon, 28 Apr 2003 20:30:31 -0500
Sean Donelan wrote:
This is true. Case in point: During this last month, a large provider not only routed a /16 network for their customer, they also sent in radb templates on behalf of their customer. The customer is a known rogue AS, but they still exist. This wasn't the first network they stole. They are US based, yet the network was registered to a company over seas. Untold numbers of spam were sent from that network for the hours that it was up. I only escaped because the spammers used a single word in the helo/ehlo parameter without a period and my server are in strict RFC mode.But my real question is why are negative bogon lists necessary? If you ask providers, they all say they implement positive prefix list filters on all their customers. So who is injecting the bogons? And why do they still have a network connection?
Should we be spending time teaching people how to do positive prefix filters, or trying to explain to them why the negative prefix filter the last network administrator installed 2 years ago is out of date.
Both. Knowledge is power. It is the only thing everyone can agree upon. We need to educate people. We need to stop being tolerant to servers, services and networks that are not RFC complaint. We need to teach people how to use their network. We need to inform people that there are communication channels on the Internet. Teach them about the various mailing lists and resources that they need. Open their eyes to the truth about the Internet and how fragile it truely is.
What is the cross-over point? When does the number of lines in a bogon list become larger than the positive prefix filter? If you are going to list every sub-allocation which isn't routed, why not just list the allocations which should be routed?
It's been tried. See the routing registries. Yet, what do you do when it's not used or unverified data? What's to keep someone from registering 9.5.0.0/16 in RADB and being considered "legitimate" even though the network belongs to IBM? There are networks that demand trust, and yet they are untrustworthy. Education is the key.
-Jack
Current thread:
- Re: Get as much IP space as you ever dreamed of, was: Re: Looking to buy IPv4 addresses from class C swamp, (continued)
- Re: Get as much IP space as you ever dreamed of, was: Re: Looking to buy IPv4 addresses from class C swamp Rob Thomas (Apr 28)
- Who is announcing bogons? Sean Donelan (Apr 28)
- Re: Who is announcing bogons? Rob Thomas (Apr 28)
- Re: Who is announcing bogons? Richard Cox (Apr 28)
- Re: Who is announcing bogons? Rob Thomas (Apr 28)
- Re: Who is announcing bogons? Sean Donelan (Apr 28)
- Re: Who is announcing bogons? Rob Thomas (Apr 28)
- Re: Who is announcing bogons? babylon (Apr 28)
- RE: Who is announcing bogons? David Luyer (Apr 29)
- Re: Who is announcing bogons? Henry Kilmer (Apr 30)
- Re: Who is announcing bogons? Jack Bates (Apr 28)
- Re: Who is announcing bogons? Paul Vixie (Apr 28)
- Re: Who is announcing bogons? Margie (Apr 28)
- Re: Who is announcing bogons? Sean Donelan (Apr 29)
- The in-your-face hijacking example, was: Re: Who is announcing bogons? kai (Apr 29)
- Re: The in-your-face hijacking example, was: Re: Who is announcing bogons? Sean Donelan (Apr 29)
- Re: The in-your-face hijacking example, was: Re: Who is announcing bogons? Jack Bates (Apr 29)
- Re: The in-your-face hijacking example, was: Re: Who is announcing bogons? Richard A Steenbergen (Apr 29)
- Re: The in-your-face hijacking example, was: Re: Who is announcing bogons? Alex Rubenstein (Apr 29)
- Re: The in-your-face hijacking example, was: Re: Who is announcing bogons? Christopher L. Morrow (Apr 29)
- Re: The in-your-face hijacking example, was: Re: Who is announcing bogons? David Barak (Apr 30)