nanog mailing list archives

RE: Checking bogon status of new address space


From: "Frank Bulk" <frnkblk () iname com>
Date: Fri, 8 May 2009 23:41:36 -0500

Ran across two different DNS hosters in the last two weeks that were
blocking space that was de-bogoned 2.5 years ago... =(

One started as an e-mail issue, the other as a web access.  The e-mail issue
showed up as the server sending the sender an "I can't deliver this e-mail
because I can't resolve the DNS info", and digs from the e-mail server
confirmed the case.  Testing from our old IP address space worked, so it was
clear it was some kind of block based on IP address.  The web browsing one
was easy, too, because the customer was able to browse (when they had old
DNS servers) and then couldn't (when we handed out new DNS servers).  Since
the e-mail issue was fresh in our mind, it was one of the first things we
tested.

I hope both DNS hosters took the time to update the rest of their bogon
lists, too, not just remove our space from the bogon list.

Frank

-----Original Message-----
From: Steve Dalberg [mailto:steve+nanog () sendithere com] 
Sent: Friday, May 08, 2009 9:45 AM
To: Oliver Hookins
Cc: nanog () nanog org
Subject: Re: Checking bogon status of new address space

Having recently received some de-bogon'ed addressing in or about this March,
I can tell you that the one problem I had was people that had not updated
their Bind Bogon filters
(http://www.cymru.com/Documents/secure-bind-template.html) and so were not
responding to requests from our address space, so we just moved our dns
cache boxes back to our older Level3 address space.  Took a while to figure
that one out though.

Steve

2009/5/7 Oliver Hookins <oliver.hookins () anchor com au>

Hi,

my company has just been allocated some new IPv4 address space, and I want
to do some sort of automated testing to find out any ASs out there that
haven't removed the /8 it's on from their bogon list (the allocation to our
local registry only occurred in November last year).

Has anybody attempted to do this? Is it worth bothering? Currently I'm
considering pulling out all the endpoint ASs out of the BGP table, finding
at least one subnet for each of them and attempting to ping or reach other
common ports on a single IP for each AS from our currently working
address space, and then the new address space and comparing results.

--
Regards,
Oliver Hookins
Anchor Systems
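
Added example, not part of any message in this thread: a resolver operator's self-check for the stale BIND bogon filters Steve and Frank describe. It parses a bogon ACL out of a named.conf and reports entries that overlap prefixes known to be allocated. The ACL name, the sample config and the "allocated" prefixes are constructed, with documentation prefixes standing in for real address space.

```python
import ipaddress
import re

# Constructed sample: a named.conf fragment with a bogon ACL used for blackholing.
# Documentation prefixes stand in for real address space.
SAMPLE_NAMED_CONF = """
acl "bogon" {
    10.0.0.0/8;      // private
    192.0.2.0/24;    # TEST-NET-1
    /* stale entry: this block has since been allocated */
    203.0.113.0/24;
    198.51.100.0/24;
};
options {
    blackhole { bogon; };
};
"""

def parse_acl(conf_text, acl_name):
    """Return the IP networks listed in the named ACL block."""
    # Strip /* */, // and # comments before matching the block.
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)
    text = re.sub(r"(//|#)[^\n]*", "", text)
    m = re.search(r'acl\s+"?%s"?\s*\{(.*?)\}' % re.escape(acl_name), text, re.S)
    if not m:
        raise ValueError("acl %r not found" % acl_name)
    nets = []
    for item in m.group(1).split(";"):
        item = item.strip()
        try:
            nets.append(ipaddress.ip_network(item, strict=False))
        except ValueError:
            continue  # empty item, or not a prefix (e.g. a nested ACL name)
    return nets

def stale_entries(acl_nets, allocated):
    """Map each allocated prefix to the ACL entries that would still block it."""
    hits = {}
    for prefix in allocated:
        net = ipaddress.ip_network(prefix)
        overlap = [str(a) for a in acl_nets
                   if a.version == net.version and a.overlaps(net)]
        if overlap:
            hits[prefix] = overlap
    return hits
```
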




