RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons

[<michael.dillon () bt com>]

> Well Steve, it's like this:  There are (a) security experts, 
> (b) "security
> experts", and (c) guys that spend their day making things 
> usable in spite of
> what the rest of the net throws in their AS's direction.  
> You're an example of
> one, I'm an example of another, and the advocates of static 
> bogon filters are
> an example of the third.  Figuring out which is which is left 
> as an exercise
> for the reader...

This makes it sound like we are talking about some 
kind of network security issue. We aren't!

The fundamental issue is OPERATIONS and has to do with
policy and management of that policy. Bogon filters are
an example of a policy implementation. It should be no
surprise to anyone in operations that when technical people
implement a policy which does not actually exist within
the company, there is nobody to manage that policy
implementation and it eventually becomes orphaned.
One might argue that if a company is not capable of
setting a policy and managing that policy, then you
should not implement the policy at all.

--Michael Dillon