[48425] in North American Network Operators' Group
Re: Bogon list
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Tue Jun 4 12:16:36 2002
Date: Tue, 4 Jun 2002 12:15:10 -0400
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Rob Thomas <robt@cymru.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <ROTMAILER.0206041030000.9663-100000@dragon.sauron.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Jun 04, 2002 at 10:30:33AM -0500, Rob Thomas wrote:
>
> For a while folks have asked me to add an aggregated ACL, prefix-list,
> or black hole routes to the various templates on my site. I've avoided
> this for a variety of reasons, and decided to create the best of all
> worlds - the bogon list. :)
>
> This list includes the bogons, in both aggregated and non-aggregated
> form. The list includes bit notation, dotted decimal, and Cisco ACL
> styles. This is handy for blocking the bogons, egress and ingress, at
> your borders. Take a peek at it here:
>
> http://www.cymru.com/Documents/bogon-list.html
>
> Comments and feedback are VERY welcome! Be the first in your ASN to
> join the CREDITS section. :)
The problem with bogon lists is that they change on a fairly regular
basis, for example each time a registry is given a new /8 to allocate
from. This makes the role of maintaining an "official" list of bogons
somewhat important, and the job of updating them somewhat annoying. :)
But, most of your list looks like RFC1918, link-local, and the /8's that
haven't been allocated. This is pretty simple to obtain, but not very
comprehensive.
Off hand just in the reserved section, I see missing:
128.0.0.0/16
191.255.0.0/16
192.0.0.0/17
And probably lots more if you go mine the database (and assuming you're
willing to make a commitment for life to continue watching the database
for when they stop being reserved :P).
Then we come to the extra bogons like exchange point allocations. Can't
forget them. :)
I'd suggest you try to work on a database of the bogons with various flags
so people can make their own policy decisions. For example, I would agree
with filtering all of these from my routing table, but not with filtering
RFC1918 space or exchange point routes (at least not on the border device
connecting to it :P) from source addresses.
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
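The flagged bogon database Steenbergen suggests, sketched as an added example that is not code from this thread or from the Cymru list: each entry carries policy flags, a filter is built per enforcement point (routing table vs. source-address ACL), and a published list can be checked for gaps such as the three reserved blocks named above. The entries, flag names, the IX stand-in prefix and the "unallocated" /8 are constructed assumptions, not a current bogon list.

```python
import ipaddress

# Constructed bogon database (not Team Cymru's list): prefix -> set of flags.
# Entries and flags are illustrative; "unallocated" entries age out as
# registries receive new /8s, which is why a flat list needs constant upkeep.
BOGON_DB = {
    "0.0.0.0/8": {"reserved"},
    "10.0.0.0/8": {"rfc1918"},
    "127.0.0.0/8": {"reserved"},
    "128.0.0.0/16": {"reserved"},
    "169.254.0.0/16": {"link_local"},
    "172.16.0.0/12": {"rfc1918"},
    "191.255.0.0/16": {"reserved"},
    "192.0.0.0/17": {"reserved"},
    "192.168.0.0/16": {"rfc1918"},
    "1.0.0.0/8": {"unallocated"},           # constructed entry, historical status
    "198.51.100.0/24": {"exchange_point"},  # constructed stand-in for an IX LAN
}

# Which flag classes each enforcement point filters. Routing-table filters take
# everything; source-address filters leave RFC1918 and IX space alone.
POLICIES = {
    "routing_table": {"reserved", "rfc1918", "link_local", "unallocated", "exchange_point"},
    "source_filter": {"reserved", "link_local", "unallocated"},
}

def build_filter(db, flags):
    """Select entries carrying any of `flags` and aggregate adjacent prefixes."""
    nets = [ipaddress.ip_network(p) for p, f in db.items() if f & flags]
    return list(ipaddress.collapse_addresses(nets))

def covered(filter_nets, prefix):
    """True if `prefix` falls entirely inside some prefix of the filter."""
    net = ipaddress.ip_network(prefix)
    return any(net.subnet_of(n) for n in filter_nets)

def missing_from(filter_nets, expected):
    """Report expected bogons that a published filter fails to cover."""
    return [p for p in expected if not covered(filter_nets, p)]

def mark_allocated(db, prefix):
    """Registry allocation: drop the `unallocated` flag, and the entry if empty."""
    flags = db.get(prefix, set()) - {"unallocated"}
    if flags:
        db[prefix] = flags
    else:
        db.pop(prefix, None)
    return prefix not in db
```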