[106918] in North American Network Operators' Group
RE: Is it time to abandon bogon prefix filters?
daemon@ATHENA.MIT.EDU (Tomas L. Byrnes)
Sun Aug 17 23:36:19 2008
Date: Sun, 17 Aug 2008 20:36:09 -0700
In-Reply-To: <48A8C8F5.7080102@templin.org>
From: "Tomas L. Byrnes" <tomb@byrneit.net>
To: "Pete Templin" <petelists@templin.org>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
ACLs=20
=20
> -----Original Message-----
> From: Pete Templin [mailto:petelists@templin.org]=20
> Sent: Sunday, August 17, 2008 5:57 PM
> To: Tomas L. Byrnes
> Cc: NANOG list
> Subject: Re: Is it time to abandon bogon prefix filters?
>=20
> Tomas L. Byrnes wrote:
> > Since there are ways to dynamically filter the bogons, using BGP or=20
> > DNS, I don't really see the need to stop doing so. If=20
> you're managing=20
> > your routing and firewall filters manually, you have bigger=20
> problems=20
> > than the release of Bogon space.
>=20
> Can you share the Cisco configuration snippet you recommend=20
> to dynamically FILTER bogons using BGP or DNS? Not just=20
> inserting null-routes for the bogon aggregates, but=20
> preventing the acceptance of more-specifics that=20
> transits/peers/customers have managed to sneak past someone's=20
> filters (or lack thereof), please.
>=20
> (Without an offline configuration generator, I postulate that=20
> it can't be done.)
>=20
> pt
>=20
