nanog mailing list archives
Re: do bogon filters still help?
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 12 Jan 2006 00:21:30 +0100
* Pim van Pelt:
Hi Florian, others, | You should move 192.88.99.0/24 from SPECIAL to YES (although you | shouldn't see source addresses from that prefix, no matter what the | folks at bit.nl think). 169.254.0.0/16 should be NO (otherwise it | wouldn't be link-local).
Hi, here's a member of 'the folks at bit.nl'. Just a quick note to say that we have been sourcing IPv4 packets from 192.88.99.1 at a rate of 2.000 to 10.000 packets per second since early 2003, so I'm guessing we have sent some 750.000 billion packets by now.
And this is just so wrong. You should use an address you own as a source address. Otherwise, packets tend to get dropped by filters. And no, "anyone should be able to spoof from 192.88.99.0/24" is not the answer to this kind of problem.
Current thread:
- Re: do bogon filters still help?, (continued)
- Re: do bogon filters still help? Florian Weimer (Jan 11)
- Re: do bogon filters still help? Martin Hannigan (Jan 11)
- Re: do bogon filters still help? Florian Weimer (Jan 11)
- Re: do bogon filters still help? Edward Lewis (Jan 11)
- Re: do bogon filters still help? william(at)elan.net (Jan 11)
- Re: do bogon filters still help? william(at)elan.net (Jan 11)
- Re: do bogon filters still help? Florian Weimer (Jan 11)
- Re: do bogon filters still help? william(at)elan.net (Jan 11)
- Re: do bogon filters still help? Michael . Dillon (Jan 12)
- Re: do bogon filters still help? Pim van Pelt (Jan 11)
- Re: do bogon filters still help? Florian Weimer (Jan 11)
- Re: do bogon filters still help? Pim van Pelt (Jan 11)
- Re: do bogon filters still help? Daniel Roesen (Jan 11)
- Re: do bogon filters still help? Joseph S D Yao (Jan 12)
- Re: do bogon filters still help? Kevin Loch (Jan 12)
- Re: do bogon filters still help? Pekka Savola (Jan 12)
- Re: do bogon filters still help? Pekka Savola (Jan 11)