[76327] in North American Network Operators' Group


Re: Bogon filtering (don't ban me)

daemon@ATHENA.MIT.EDU (Patrick W Gilmore)
Mon Dec 6 13:22:30 2004

In-Reply-To: <OFF1EE5454.B9C7FCCB-ON80256F62.003E48F6-80256F62.003F3B84@radianz.com>
Cc: Patrick W Gilmore <patrick@ianai.net>
From: Patrick W Gilmore <patrick@ianai.net>
Date: Mon, 6 Dec 2004 13:19:50 -0500
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu


On Dec 6, 2004, at 6:30 AM, Michael.Dillon@radianz.com wrote:

> The point is that the bogon feed doesn't
> need to be hooked directly into your routers.
> This is what Patrick Gilmore does, i.e.
> he takes the bogon feed into a management
> system, generates an ACL and then periodically
> applies the ACL to his routers. Presumably
> that ACL gets checked by a clueful person
> before it goes out.

Just to be clear, I did not say that is what I did, or any organization 
I work for did.  It was just a possible suggestion, not a requirement 
or a statement of fact.

I'm just interested in cleaning up the cruft on the 'Net.  Useless 
deaggregates, bogons, spoofed source, etc.  You know, the things YOU 
can do with YOUR network and YOUR customers so _I_ do not have to deal 
with it.

Given how much time and effort has been spent on things like "filtering 
on allocation boundaries" because some big networks do not want to take 
some /24s when little guys multi-home, you would think everyone would 
get behind this and push really hard.  Just seems like a much bigger 
win with far fewer religious questions.

But, of course, that wouldn't be nearly as fun. :)

-- 
TTFN,
patrick
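
Added example, not part of the original message and not code from either poster: the workflow raised in the quoted text (take the bogon feed into a management system, generate an ACL, have it checked before it reaches the routers). The feed is constructed sample data; the protected prefix, the /8 threshold and the ACL name `BOGONS-IN` are assumptions, and the output uses Cisco IOS extended-ACL syntax.

```python
import ipaddress

# Constructed sample feed: comment, covered subnet, default route, overlap with "our" space, junk.
SAMPLE_FEED = """\
# constructed bogon list for illustration
10.0.0.0/8
10.1.0.0/16
172.16.0.0/12
192.0.2.0/24
0.0.0.0/0
198.51.100.0/24
not-a-prefix
"""

# Assumption: prefixes that must never be filtered (own and customer space).
PROTECTED = [ipaddress.ip_network("198.51.100.0/24")]
MIN_PREFIXLEN = 8  # assumption: anything shorter than /8 is treated as a feed error

def vet_feed(text, protected=PROTECTED, min_len=MIN_PREFIXLEN):
    """Return (accepted networks, [(line, reason)] held back for human review)."""
    accepted, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            net = ipaddress.IPv4Network(line, strict=True)
        except ValueError as exc:
            rejected.append((line, f"unparseable: {exc}"))
            continue
        if net.prefixlen < min_len:
            rejected.append((line, "too broad"))
        elif any(net.overlaps(p) for p in protected):
            rejected.append((line, "overlaps protected space"))
        else:
            accepted.append(net)
    # Collapse so a prefix already covered by a shorter one emits no extra line.
    return list(ipaddress.collapse_addresses(accepted)), rejected

def render_acl(nets, name="BOGONS-IN"):  # ACL name is hypothetical
    """Render IOS-style extended ACL lines that drop packets sourced from bogons."""
    lines = [f"ip access-list extended {name}"]
    lines += [f" deny ip {n.network_address} {n.hostmask} any" for n in nets]
    lines.append(" permit ip any any")
    return lines

if __name__ == "__main__":
    nets, rejected = vet_feed(SAMPLE_FEED)
    print("\n".join(render_acl(nets) + [f"! REVIEW {ln!r}: {why}" for ln, why in rejected]))
```

Entries the script holds back are printed as `!` comment lines so the person checking the ACL sees what the feed contained and why it was not applied.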

