nanog mailing list archives
Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
From: Sean Donelan <sean () donelan com>
Date: Tue, 6 Mar 2007 15:33:15 -0500 (EST)
On Tue, 6 Mar 2007, Mikael Abrahamsson wrote:
Also, all the examples you give implies a BGP transit customer. I am imagining all kinds of customers, from colo customers where I am their default gateway, to residential customers where it's the same way.
I tried to give examples upstream of a router, not a bridged/directconnection which may have all sorts of unroutable junk which a router should not (and mostly doesn't) forward. Although spoofing MAC addresses
is probably suspicious behaivor in most bridged networks too.
Disabling their port and punting them to customer support is NOT a cost efficient way of dealing with the problems, at least not in the market I am in.
Isn't this true of everything (bad source addresses, worms, abuse, etc). Does hiding/ignoring the problem just makes it worse because there is no incentive to fix the problem while it is still a small problem? If it isn't important enough to bother the customer, why bother to fix it?
How you stop forwarding bad stuff is a local decision. As long as you stop it, no one will turn off your interface. If your network is forwarding so many packets with false source addresses that it would be a major customer support cost issue to fix, your network probably has other configuration problems. You are probably just deferring those customer service costs until an unpredictable time in the future when those misconfigurations disrupt other parts of your network.
Current thread:
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons, (continued)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Sean Donelan (Mar 02)
- RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Eric Ortega (Mar 02)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Steven M. Bellovin (Mar 02)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Daniel Senie (Mar 02)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Sean Donelan (Mar 03)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Peter Dambier (Mar 03)
- RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Barry Greene (bgreene) (Mar 04)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Mikael Abrahamsson (Mar 03)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Sean Donelan (Mar 04)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Mikael Abrahamsson (Mar 06)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Sean Donelan (Mar 06)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Mikael Abrahamsson (Mar 06)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Valdis . Kletnieks (Mar 06)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Mikael Abrahamsson (Mar 06)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Mark Radabaugh (Mar 06)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Sean Donelan (Mar 09)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Roland Dobbins (Mar 02)
- 123.0.0.0/8 from AS7643 (was - Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons) william(at)elan.net (Mar 02)
- Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons Jason Frisvold (Mar 04)