[25251] in North American Network Operators' Group

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Martian list of IP's to block???

daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Fri Oct 1 11:54:03 1999

From: "Rubens Kuhl Jr." <rkuhljr@uol.com.br>
To: <nanog@merit.edu>
Date: Fri, 1 Oct 1999 12:42:40 -0300
Message-ID: <003a01bf0c23$98337100$5cf1e7c8@users.uol.com.br>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-reply-to: <OF1A472F67.E919BB88-ON852567FD.0041BD2C@3x.com>
Errors-To: owner-nanog-outgoing@merit.edu


>     deny   ip host 0.0.0.0 any log
>     deny   ip 127.0.0.0 0.255.255.255 any log
>     deny   ip 10.0.0.0 0.255.255.255 any log
>     deny   ip 172.16.0.0 0.15.255.255 any log
>     deny   ip 192.168.0.0 0.0.255.255 any log
>     deny   ip xxx.xxx.xxx.0 0.0.0.255 any log
>     deny   ip 224.0.0.0 31.255.255.255 any log

Routing those networks to nul0 and turning 'ip verify unicast reverse-path'
on CEF-enabled Cisco routers does this without CPU load or does not ?



Rubens Kuhl Jr.

home	help	back	first	fref	pref	prev	next	nref	lref	last	post