[106885] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Is it time to abandon bogon prefix filters?

daemon@ATHENA.MIT.EDU (Robert E. Seastrom)
Fri Aug 15 11:08:17 2008

To: Sean Donelan <sean@donelan.com>
From: "Robert E. Seastrom" <rs@seastrom.com>
Date: Fri, 15 Aug 2008 11:08:07 -0400
In-Reply-To: <200808150932430.32BF5B92.19528@clifden.donelan.com> (Sean
	Donelan's message of "Fri, 15 Aug 2008 09:49:38 -0400 (EDT)")
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org


Sean Donelan <sean@donelan.com> writes:

> For unmanaged and semi-managed routers, I'd suggest strict out-bound
> packet controls (i.e. be conservative in what you send) because you
> already need to make operational updates when they change.  But
> consider using inbound controls that require less extensive
> recurring maintenance, e.g. only filtering martians (i.e. 0/8,
> 127/8, 255.255.255.255/32, etc) instead of updating bogons
> (i.e. changing reserved and unallocated) every few months.

I think we're in violent agreement here.

-r


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[106885] in North American Network Operators' Group

Re: Is it time to abandon bogon prefix filters?

daemon@ATHENA.MIT.EDU (Robert E. Seastrom)Fri Aug 15 11:08:17 2008

daemon@ATHENA.MIT.EDU (Robert E. Seastrom)
Fri Aug 15 11:08:17 2008