nanog mailing list archives

Re: Is it time to abandon bogon prefix filters?


From: "Robert E. Seastrom" <rs () seastrom com>
Date: Fri, 15 Aug 2008 09:34:48 -0400


Randy Bush <randy () psg com> writes:

In other words, our earlier estimate of 60% was way off...  you can
get 92.1% effectiveness at bogon filtering by just dropping 1918
addresses, a filter that you will never have to change.

my read is that the 60% was an alleged 60% of attacks came from *all*
bogon space.  this now seems in the low single digit percentage.  of
that, the majority is from 1918 space.

so is there any case to be made for filtering bogons on
upstream/peering ingress at all anymore?

(this discussion is orthogonal to bcp38/urpf, which i think we all
agree is a good thing and would be great if we could get it further
deployed)

                                        ---rob


