[93317] in North American Network Operators' Group


RE: [c-nsp] [Re: huge amount of weird traffic on poin-to-point ethernet link]

daemon@ATHENA.MIT.EDU (andrew2@one.net)
Thu Nov 9 10:19:55 2006

Reply-To: <andrew@profitability.net>
From: <andrew2@one.net>
To: <nanog@merit.edu>
Date: Thu, 9 Nov 2006 10:18:46 -0500
In-Reply-To: <86k6248y2n.fsf@midgard.seastrom.com>
Errors-To: owner-nanog@merit.edu


Robert E. Seastrom wrote:
> steve@telecomplete.co.uk writes:
> 
>> On Thu, Nov 09, 2006 at 09:26:13AM -0500, Robert Boyle wrote:
>>> 
>>> At 09:23 AM 11/9/2006, you wrote:
>>>> On Thu, Nov 09, 2006, Robert Boyle wrote:
>>>> 
>>>>> You should also create a bogons list for your BGP routes which you
>>>>> accept from your upstream. Block all RFC1918 space and unassigned
>>>>> public addresses too. Just keep on top of it when new allocations
>>>>> are put into use. We see all kinds of crazy things which people
>>>>> try to announce (and successfully too - up to our borders anyway.)
>>>> 
>>>> Is there a somewhat-reliable bogon BGP feed that can be subscribed
>>>> to these days?
>>> 
>>> We just maintain our own. I remember hearing about one a while ago,
>>> but we don't use it so I don't know any details.
>> 
>> I'd strongly advise against folks doing it statically.. there seem
>> to be ongoing issues with stale filters each time new address space
>> is released. Even with the best of intentions folks change role or
>> employer and things can get left unmanaged.
>> 
>> The craziest stuff that gets announced isn't in the
>> reserved/unallocated realm anyway so the effort seems to be
>> disproportional to the benefits... and most issues I read about with
>> reserved space is packets coming FROM them not TO them....
> 
> Steve's 100% spot-on here.  I don't have bogon filters at all and it
> hasn't hurt me in the least.  I think the notion that this is somehow
> a good practice needs to be quashed.  

Some people don't use condoms with hookers either.  Just because they
haven't caught anything yet doesn't make it a smart practice.

Andrew
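
The stale-filter problem raised in the quoted discussion, as an added example that is not part of the original thread: it checks a static bogon list against space that has since been allocated and shows which received prefixes the filter would wrongly drop. The prefix lists other than RFC 1918 are constructed sample data (documentation prefixes standing in for formerly unallocated blocks), and the function names are hypothetical.

```python
import ipaddress

net = ipaddress.ip_network

# RFC 1918 private space, which the thread says to block from upstreams.
RFC1918 = [net("10.0.0.0/8"), net("172.16.0.0/12"), net("192.168.0.0/16")]

# Constructed sample data: documentation prefixes stand in for blocks that
# were unallocated when the static filter was written.
STATIC_FILTER = RFC1918 + [net("198.51.100.0/24"), net("203.0.113.0/24")]
# Constructed: space handed out since the filter was last touched.
NOW_ALLOCATED = [net("203.0.113.0/24")]


def stale_entries(static_filter, allocated):
    """Filter entries that overlap space which is now allocated."""
    return [e for e in static_filter
            if any(e.overlaps(a) for a in allocated)]


def classify(prefix, static_filter, allocated):
    """Decide what the static filter does to a received prefix, and
    whether that decision is still justified."""
    route = net(prefix)
    # A bogon entry matches the prefix itself and any more-specific route.
    matched = [e for e in static_filter if route.subnet_of(e)]
    if not matched:
        return "accept"
    if any(route.subnet_of(a) for a in allocated):
        return "reject (stale entry, legitimate route dropped)"
    return "reject (bogon)"


if __name__ == "__main__":
    stale = stale_entries(STATIC_FILTER, NOW_ALLOCATED)
    print("stale filter entries:", [str(e) for e in stale])
    for p in ("10.1.0.0/16", "203.0.113.128/25",
              "198.51.100.0/24", "192.0.2.0/24"):
        print(p, "->", classify(p, STATIC_FILTER, NOW_ALLOCATED))
```

Running the stale check whenever the allocation data changes is what separates a maintained list from the unmanaged static filters the thread describes.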

