nanog mailing list archives
Re: Bogon filtering (don't ban me)
From: Michael.Dillon () radianz com
Date: Mon, 6 Dec 2004 11:30:42 +0000
The whole point that started this discussion is that bogon filtering is HARMFUL a good part of the time.
This may be so, but there are things that you can do with an up to date bogon feed other than filtering. That's why I suggested that BGP may not be the best form for the feed, but for some reason LDAP is feared by people who don't run mailservers or large LANs.

For instance, if you reflect all incoming BGP announcements into a management system, then that system could compare them with an up-to-date bogon feed and alert the ops staff when questionable announcements are seen. Or it could trigger additional data collection to be used in network forensics.

The point is that the bogon feed doesn't need to be hooked directly into your routers. This is what Patrick Gilmore does, i.e. he takes the bogon feed into a management system, generates an ACL and then periodically applies the ACL to his routers. Presumably that ACL gets checked by a clueful person before it goes out.

Perhaps what we really need here is a BCP document that describes the ways in which a bogon feed can be integrated into network operations. If you do RPF, then maybe it's not needed for blocking traffic but you still might like to know who is trying to announce these bogon blocks to you.

--Michael Dillon
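The alert-instead-of-filter approach described in the message above, as an added example that is not part of the original post: it compares received announcements against a bogon feed and reports overlaps without touching any router. It assumes the announcements have already been exported as (peer, prefix, AS path) records and that the feed is a text list of CIDR prefixes; all names and sample data are hypothetical.

```python
import ipaddress
from typing import NamedTuple

class Announcement(NamedTuple):  # hypothetical record exported by a BGP collector
    peer: str
    prefix: str
    as_path: tuple

# Constructed sample feed (private and documentation prefixes), not a real bogon list.
BOGON_FEED = """
10.0.0.0/8        # comments and blank lines are tolerated
192.168.0.0/16
198.51.100.0/24
2001:db8::/32
"""

# Constructed announcements using documentation addresses and AS numbers.
SAMPLE = [
    Announcement("192.0.2.1", "203.0.113.0/24", (64500, 64501)),   # not in the sample feed
    Announcement("192.0.2.1", "10.20.0.0/16", (64500, 64502)),     # more specific of a bogon
    Announcement("192.0.2.2", "198.51.0.0/16", (64503,)),          # aggregate covering a bogon
    Announcement("192.0.2.2", "2001:db8:1::/48", (64503, 64504)),  # IPv6 more specific
    Announcement("192.0.2.2", "0.0.0.0/0", (64503,)),              # default route, skipped
]

def load_bogons(text):
    """Parse one CIDR prefix per line, ignoring '#' comments and blank lines."""
    stripped = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return [ipaddress.ip_network(s, strict=False) for s in stripped if s]

def bogon_alerts(announcements, bogons):
    """Return (peer, prefix, origin AS, relation, bogon) per overlap; nothing is filtered."""
    found = []
    for ann in announcements:
        net = ipaddress.ip_network(ann.prefix, strict=False)
        if net.prefixlen == 0:  # a default route overlaps everything; not useful to flag
            continue
        for bogon in bogons:
            if bogon.version != net.version:
                continue  # subnet_of() raises TypeError across address families
            relation = "inside" if net.subnet_of(bogon) else "covers" if bogon.subnet_of(net) else None
            if relation:
                origin = ann.as_path[-1] if ann.as_path else None
                found.append((ann.peer, ann.prefix, origin, relation, str(bogon)))
    return found

if __name__ == "__main__":
    for alert in bogon_alerts(SAMPLE, load_bogons(BOGON_FEED)):
        print("ALERT", alert)
```

The "covers" relation catches aggregates that would pull bogon space in along with legitimate space, which an exact-match lookup against the feed would miss.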