[50278] in North American Network Operators' Group
RE: Juniper security appnote + martians
daemon@ATHENA.MIT.EDU (Stephen Gill)
Wed Jul 24 12:48:52 2002
From: "Stephen Gill" <gillsr@yahoo.com>
To: <bmanning@karoshi.com>
Cc: <nanog@merit.edu>
Date: Wed, 24 Jul 2002 11:47:52 -0500
In-Reply-To: <200207241552.PAA02418@vacation.karoshi.com>
Errors-To: owner-nanog-outgoing@merit.edu
So as not to cause confusion, the complete current JUNOS martian list
is:
0.0.0.0/8
127.0.0.0/8
128.0.0.0/16
191.255.0.0/16
192.0.0.0/24
223.255.255.0/24
240.0.0.0/4
My questions were on a select portion of these, and a portion of the
ones listed in the security appnote on their website.
Cheers,
-- steve
-----Original Message-----
From: bmanning@karoshi.com [mailto:bmanning@karoshi.com]
Sent: Wednesday, July 24, 2002 10:53 AM
To: Stephen Gill
Cc: nanog@merit.edu
Subject: Re: Juniper security appnote + martians
> Now, on to some of Juniper default martians:
> 128.0.0.0/16
> 191.255.0.0/16
> 192.0.0.0/24
> 223.255.255.0/24
>
> These prefixes seem to be based on
> www.ietf.org/internet-drafts/draft-iana-special-ipv4-03.txt. I'm
> curious what the reasoning is behind selecting these prefixes only.
> Also, given that these may be allocated in the future (per the draft)
> what are your thoughts on having these in Juniper's default config?
> Perhaps these would be good additions to a dynamic (up-to-date) bogon
> list instead of a static placement in JUNOS even though they can be
> overridden if necessary.
>
> Thoughts?
> -- steve
These nets were the "boundary" networks that defined
classful delegations. To round it out properly, one
should include the following:
0.255.255.0/24
126.0.0.0/24
127.255.255.0/24
...
<and the top end of the "D" space>
with the advent of classless addressing (circa 1997)
these "martian" spaces are vestigal. They can be assigned
although it is unlikely that they will be placed into
active use until there is much more of the v4 space
delegated. The IANA draft is "retro" by including them
as "special". They aren't these days.
--bill
