[91239] in North American Network Operators' Group
Re: Best practices inquiry: filtering 128/1
daemon@ATHENA.MIT.EDU (John Kristoff)
Mon Jul 10 23:23:21 2006
Date: Mon, 10 Jul 2006 22:22:49 -0500
From: John Kristoff <jtk@ultradns.net>
To: nanog@merit.edu
In-Reply-To: <a06200701c0d8c139ba98@[169.254.1.5]>
Errors-To: owner-nanog@merit.edu
On Mon, 10 Jul 2006 21:56:27 -0500
Jerry Pasker <jerry@jerry.org> wrote:
> Because you fear that their routers that distribute the feed could
> become own3d and used to cause a massive DoS by filtering out some
> networks?
Someone in the NANOG community, I forget who now, had the sensible
suggestion that you create a filter list based on the bogon list at
the time you setup your feed. You use that to limit what you will
accept from Cymru. Since bogon blocks will only get allocated, the
worst that could happen is the breaking of a recently allocated bogon
network. Even if you don't update your filter list for the next 5
years the damage is likely to be minimal.
John
