nanog mailing list archives
RE: Bogon list
From: "Barry Raveendran Greene" <bgreene () cisco com>
Date: Tue, 4 Jun 2002 10:00:53 -0700
The problem with bogon lists is that they change on a fairly regular basis, for example each time a registry is given a new /8 to allocate from. This makes the role of maintaining an "official" list of bogons somewhat important, and the job of updating them somewhat annoying. :)
Ingress peering filters have to be maintained. That comes with the territory. If you use Net Police filtering (i.e. explicit permit - only allow the RIR's blocks), you'll need to modify the list as the RIR's get new blocks allocated to them. If you use Bogon filtering (i.e. explicit deny - denying bogons and allowing everything else), you'll need to modify the list as the RIR's get new blocks allocated to them. Doing neither increases the risk of your network to BGP garbage attacks (i.e. incidents like the AS7007 fun). All Rob did is make it easier for those who do not like the Net Police filtering techniques. Now you have some templates to help get started with a bogon based ingress filter.
Current thread:
- RE: Bogon list, (continued)
- RE: Bogon list Barry Raveendran Greene (Jun 04)
- Re: Bogon list Leo Bicknell (Jun 04)
- Re: Bogon list Aditya (Jun 04)
- Re: Bogon list Randy Bush (Jun 04)
- Re: Bogon list Aditya (Jun 04)
- Re: Bogon list Randy Bush (Jun 04)
- Re: Bogon list David McGaugh (Jun 04)
- Re: Bogon list Leo Bicknell (Jun 04)
- RE: Bogon list Kurt Erik Lindqvist (Jun 05)
- Re: Bogon list Joe Abley (Jun 04)
- Re: Bogon list Stephen Griffin (Jun 06)
- Re: Bogon list Richard A Steenbergen (Jun 06)
- Re: Bogon list John Payne (Jun 06)
- Re: Bogon list Stephen J. Wilcox (Jun 07)
- Re: Bogon list Greg A. Woods (Jun 07)
- Re: Bogon list Chris Woodfield (Jun 07)
- Re: Bogon list Stephen J. Wilcox (Jun 08)