[76216] in North American Network Operators' Group
RE: Bogon filtering (don't ban me)
daemon@ATHENA.MIT.EDU (Mark Segal)
Fri Dec 3 10:55:14 2004
Date: Fri, 3 Dec 2004 10:54:40 -0500
From: "Mark Segal" <MSegal@Corporate.FCIBroadband.com>
To: "David Barak" <thegameiam@yahoo.com>,
"J. Oquendo" <sil@politrix.org>, <nanog@nanog.org>
Errors-To: owner-nanog-outgoing@merit.edu
Then you could also just get a connection to team cymru's bogon servers.
Works Perfectly for us. I have been peering with them from our sink
hole/black hole trigger router, for a while now, and I no longer need to
manually update the files.
More info here.
http://www.cymru.com/BGP/bogon-rs.html
Regards,
Mark
--
Mark Segal=20
Director, Network Planning
FCI Broadband=20
Tel: 905-284-4070=20
Fax: 416-987-4701=20
http://www.fcibroadband.com
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On=20
> Behalf Of David Barak
> Sent: December 3, 2004 10:08 AM
> To: J. Oquendo; nanog@nanog.org
> Subject: Re: Bogon filtering (don't ban me)
>=20
>=20
>=20
> --- "J. Oquendo" <sil@politrix.org> wrote:
>=20
> > I thought about it over and over, and wonder why this hasn't been=20
> > done.
> > Any care to beat me with a clue stick or two. I can understand the=20
> > arguments of not wanting a vendor to have control of some=20
> aspect of my=20
> > business, or control over my network, but correct me if I am wrong,=20
> > wouldn't this solve a heck of a lot of issues concerning=20
> network based=20
> > attacks, spam, scumware/spyware/fooware/$*something?
>=20
> Vendor C has something similar, in their "autosecure"
> feature. However, the trouble is that the list of bogon=20
> networks is static, and in fact includes 70/8 among many=20
> others. This is (I'm certain) contributing to the=20
> reachability issues that those folks with new netblocks experience.
>=20
> A better implementation would be for vendors to include a=20
> "bogon-subscribe server x.x.x.x" feature, which would simply=20
> allow a router to talk to a centralized bogon server. =20
>=20
> However, the complexity of setting up the real-time BGP bogon=20
> feeds is not that hard - anyone who would use the above=20
> command could do it - so I'm not sure that this requires any=20
> new tools.
>=20
> =3D=3D=3D=3D=3D
> David Barak
> -fully RFC 1925 compliant-
>=20
>=20
> =09
> __________________________________
> Do you Yahoo!?=20
> Yahoo! Mail - now with 250MB free storage. Learn more.
> http://info.mail.yahoo.com/mail_250
>=20
>=20
