[57981] in North American Network Operators' Group
RE: Who is announcing bogons?
daemon@ATHENA.MIT.EDU (McBurnett, Jim)
Mon Apr 28 21:32:03 2003
Date: Mon, 28 Apr 2003 21:29:16 -0400
From: "McBurnett, Jim" <jmcburnett@msmgmt.com>
To: "Sean Donelan" <sean@donelan.com>, <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
Sean,
I am not a BGP Guru by any means but as I see it:
there are more than 25 /8 that should not be routed at all...
And they are easily summarized.. some can be /6 or less...
I never tried that.. But should work....
If I go to AT&T and ask for a list of what should be routed,
That will be a huge list and not summarizeable.
Although there are routers on the market that have massive amounts of =
RAM
and can handle oodles of routes, and some ISP's may want to do this.
BUT the average net user can easily take a BGP Feed of say 25 /8 and
50 /16 or so and /dev null all is fine. Using my example of the blockage =
of
APNIC /8s.. SPAM SPAM GONE Away..... So can many other problems...
(I ACL'd 4 /8 from APNIC on a Mail server and lost 60-70 % of the =
inbound SPAM...=20
Nice test, Syslog didn't like it none.....)
To me Rob provides a great service, which I am ashamed to say, I am =
falling=20
down to implement... If I could /dev null some of the ole task list=20
I would do it now....
Anyway, JMHO....
Jim
>-----Original Message-----
>From: Sean Donelan [mailto:sean@donelan.com]
>Sent: Monday, April 28, 2003 9:16 PM
>To: nanog@merit.edu
>Subject: Who is announcing bogons?
>
>
>
>On Mon, 28 Apr 2003, Rob Thomas wrote:
>> ] Rob, on the other hand, has gained a lot of trust in maintaining
>> ] a highly accurate list.
>> Thanks very much. :) I can't accept all the credit though.=20
> My thanks
>> go out to all the members of Team Cymru.
>
>Unfortunately, no good deed goes unpunished. Jon Postel did a great
>job maintaining the list of IP addresses. Paul Vixie did a great job
>with the first Real-Time Blackhole List. But people move on,=20
>and things
>change.
>
>But my real question is why are negative bogon lists necessary? If you
>ask providers, they all say they implement positive prefix list filters
>on all their customers. So who is injecting the bogons? And=20
>why do they
>still have a network connection?
>
>Should we be spending time teaching people how to do positive prefix
>filters, or trying to explain to them why the negative prefix filter
>the last network administrator installed 2 years ago is out of date.
>
>What is the cross-over point? When does the number of lines in a bogon
>list become larger than the positive prefix filter? If you=20
>are going to
>list every sub-allocation which isn't routed, why not just list the
>allocations which should be routed?
>
>
>
