[87821] in North American Network Operators' Group
Re: do bogon filters still help?
daemon@ATHENA.MIT.EDU (Florian Weimer)
Wed Jan 11 18:22:00 2006
From: Florian Weimer <fw@deneb.enyo.de>
To: Pim van Pelt <pim@bit.nl>
Cc: "william(at)elan.net" <william@elan.net>, nanog@nanog.org
Date: Thu, 12 Jan 2006 00:21:30 +0100
In-Reply-To: <20060111231138.GC14822@localhost.localdomain> (Pim van Pelt's
message of "Thu, 12 Jan 2006 00:11:38 +0100")
Errors-To: owner-nanog@merit.edu

* Pim van Pelt:
> Hi Florian, others,
>
> | You should move 192.88.99.0/24 from SPECIAL to YES (although you
> | shouldn't see source addresses from that prefix, no matter what the
> | folks at bit.nl think). 169.254.0.0/16 should be NO (otherwise it
> | wouldn't be link-local).
> Hi, here's a member of 'the folks at bit.nl'. Just a quick note to
> say that we have been sourcing IPv4 packets from 192.88.99.1 at a rate
> of 2.000 to 10.000 packets per second since early 2003, so I'm guessing
> we have sent some 750.000 billion packets by now.

And this is just so wrong. You should use an address you own as a
source address. Otherwise, packets tend to get dropped by filters.
And no, "anyone should be able to spoof from 192.88.99.0/24" is not
the answer to this kind of problem.
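
The filtering behaviour discussed in this message, as an added example that is not part of the original post: a source-validating edge filter drops a packet sourced from 192.88.99.1 because the sender does not own that prefix, while the same prefix remains a valid destination. Reading the YES/NO labels as "may appear as a routed destination" is an assumption, and the owned and remote prefixes are constructed documentation ranges.

```python
import ipaddress

# Labels follow the thread; reading them as "may appear as a routed
# destination" is an assumption of this example.
DEST_TABLE = {
    ipaddress.ip_network("192.88.99.0/24"): "YES",
    ipaddress.ip_network("169.254.0.0/16"): "NO",
}

def dest_label(addr):
    """Longest-prefix match in DEST_TABLE; unlisted addresses count as YES."""
    ip = ipaddress.ip_address(addr)
    hits = [n for n in DEST_TABLE if ip in n]
    if not hits:
        return "YES"
    return DEST_TABLE[max(hits, key=lambda n: n.prefixlen)]

def edge_verdict(src, dst, owned):
    """Decision of a source-validating edge filter for one outbound packet."""
    ip = ipaddress.ip_address(src)
    # Source check first: the sender may only use addresses it owns.
    if not any(ip in ipaddress.ip_network(p) for p in owned):
        return "drop: source not in sender's prefixes"
    if dest_label(dst) == "NO":
        return "drop: destination not routable"
    return "forward"

# Constructed sample: documentation prefixes stand in for real networks.
OWNED = ["198.51.100.0/24"]
SAMPLES = [
    ("192.88.99.1", "203.0.113.7"),    # source from a prefix the sender does not own
    ("198.51.100.10", "192.88.99.1"),  # owned source, 192.88.99.0/24 as destination
    ("198.51.100.10", "169.254.1.1"),  # link-local destination
    ("198.51.100.10", "203.0.113.7"),  # ordinary traffic
]

if __name__ == "__main__":
    for src, dst in SAMPLES:
        print(f"{src:>15} -> {dst:<15} {edge_verdict(src, dst, OWNED)}")
```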