nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Filtering Unregistered Blocks (WAS: small vent)

From: "Patrick W. Gilmore" <patrick () priori net>
Date: Mon, 29 Jun 1998 12:53:17 -0700
At 12:23 PM 6/29/98 PDT, Dave Rand wrote:


Unallocated is (once again) a state of mind.  By unallocated, the RBL
looks upon the IANA allocation of space, not the ARIN view.  So,
for example, 2.0.0.0/8 is on the RBL (as is 0.0.0.0/8).  We watch for
IANA allocation of new blocks, and when they are allocated, remove
them from the RBL.  Of course, this takes more work, and requires that
we watch closely.


I wonder if there could someday be a way to do this without all the work?


The RBL, in BGP mode, is used by route-mapping the addresses listed on
the RBL to a specific address.   You can, for example, route all 
traffic to RBL listed hosts to go through a 9600 bps dialup port.
Or you can route them to a T1.  Or you can route them to the loopback
port, which is what most people do.  The RBL doesn't filter the BGP
table, at all.


Sorry, I misspoke.  I just meant that I some customers have specifically
requested that I *not* filter/rate limit/drop/whatever blocks in the RBL.

But thank you for the suggestion about taking just the /8s from the RBL.  I
will definitely look into it.



You can't automate it, easily.  But by using the RBL, you can certainly
get the real-time aspect of it handled well.


Heh, with the RBL, *I* can automate it - you're the one doing the work! :)
For which I thank you and Paul and everyone else profusely.  Of course, if
anyone with a /8 (e.g. BBN or PSI) gets onto the RBL, I could be in
trouble.  Would the RBL ever list a /8 just for SPAM?  (Again, I am not
saying that's wrong - people don't have to take the RBL.  I'm just asking
to make my filters more effective without pissing off my customers.)


Dave Rand


TTFN,
patrick

**************************************************************
Patrick W. Gilmore                      voice: +1-650-482-2840
Director of Operations, CCIE #2983        fax: +1-650-482-2844
PRIORI NETWORKS, INC.                    http://www.priori.net
              "Tomorrow's Performance.... Today"
**************************************************************
Previous By Date Next
Previous By Thread Next

Current thread: