North American Network Operators Group

Re: 10/8 announced ?

  • From: Stephen Stuart
  • Date: Thu Jul 11 01:33:11 1996

> 10/8 gets announced at least once a day by someone somewhere. Really.
> 
> So what else is new? Smart providers explicitly filter RFC-1918 address
> space.  ;-)

In response to an appearance in May of some 192.168/16 prefixes, Paul
Vixie sent this to the NANOG list. I wrote up a gated analogue for
Digital's border routers; if anyone wants one, send me mail.

> Message-Id: <[email protected]>
> To: [email protected]
> Subject: Re: RFC 1597 
> Date: Wed, 22 May 1996 22:34:17 -0700
> From: Paul A Vixie <[email protected]>
> 
> > *> 192.168.22.0     144.228.71.5    0 1239 1800 1804 1128 1955 3337 ?
> > *> 192.168.100.0/22 144.228.71.5    0 1239 1794 ?
> > *> 192.168.216.0    144.228.71.5    0 1239 1800 1755 1273 ?
> > 
> > Shame on you 3337, 1794 and 1273.
> 
> Indeed.  Since it's not my turn to be at fault for this kind of thing tonight,
> I guess I'll chime in with a copy of some useful goodies that Andrew Partan
> bestowed upon me last time CIX was caught advertising something bad:
> 
> router bgp xxxx
>  neighbor y.y.y.y remote-as zzzz
>  neighbor y.y.y.y distribute-list 100 in
>  neighbor y.y.y.y distribute-list 101 out
> 
> access-list 100 deny   ip host 0.0.0.0 any
> access-list 100 deny   ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
> access-list 100 deny   ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
> access-list 100 deny   ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
> access-list 100 deny   ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> access-list 100 deny   ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
> access-list 100 deny   ip 128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> access-list 100 deny   ip 191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> access-list 100 deny   ip 192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
> access-list 100 deny   ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
> access-list 100 deny   ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
> access-list 100 deny   ip any 255.255.255.128 0.0.0.127
> access-list 100 permit ip any any
> 
> access-list 101 deny   ip host 0.0.0.0 any
> access-list 101 deny   ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
> access-list 101 deny   ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
> access-list 101 deny   ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
> access-list 101 deny   ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> access-list 101 deny   ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
> access-list 101 deny   ip 128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> access-list 101 deny   ip 191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> access-list 101 deny   ip 192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
> access-list 101 deny   ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
> access-list 101 deny   ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
> access-list 101 deny   ip any 255.255.255.128 0.0.0.127
> access-list 101 permit ip any any
> 
> These are currently identical, but they're split into separate access-list's
> in case the sending restrictions and the receiving restrictions ever have
> cause to differ.
> 
> Note that everybody who's anybody uses peer groups rather than duplicating
> this for every peer, but I'm the wrong person to try to explain peer groups
> so the above was intentionally kept at my "grunt, poke, listen" level.

Stephen
- -----
Stephen Stuart				[email protected]
Network Systems Laboratory
Digital Equipment Corporation
- - - - - - - - - - - - - - - - -
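
An added example, not part of the original messages: a small Python evaluator for the quoted access-list 100. It assumes the usual reading of an extended ACL used as a BGP distribute-list, where the first address/wildcard pair is matched against the route's network and the second pair against its netmask. The function names are illustrative, the unmasked 192.168.22.0 entry is assumed to be a classful /24, and the 198.51.100.x prefixes are constructed.

```python
import ipaddress

# access-list 100, copied from the quoted message
ACL_100 = """\
access-list 100 deny   ip host 0.0.0.0 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny   ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny   ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 deny   ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny   ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny   ip 128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny   ip 191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny   ip 192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny   ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny   ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
access-list 100 deny   ip any 255.255.255.128 0.0.0.127
access-list 100 permit ip any any
"""

def _spec(tok):  # consume 'any', 'host A' or 'A WILDCARD' -> ((addr, care_bits), rest)
    if tok[0] == "any":
        return (0, 0), tok[1:]
    if tok[0] == "host":
        return (int(ipaddress.IPv4Address(tok[1])), 0xFFFFFFFF), tok[2:]
    addr, wild = (int(ipaddress.IPv4Address(t)) for t in tok[:2])
    return (addr, wild ^ 0xFFFFFFFF), tok[2:]  # wildcard 1-bits are "don't care"

def parse(text):
    rules = []
    for line in text.splitlines():
        tok = line.split()
        net, rest = _spec(tok[4:])   # "source" field: the route's network address
        mask, _ = _spec(rest)        # "destination" field: the route's netmask
        rules.append((tok[2], net, mask, line))
    return rules

def evaluate(prefix, rules):
    """Return (action, matching ACL line) for a route; first match wins."""
    route = ipaddress.IPv4Network(prefix)
    vals = (int(route.network_address), int(route.netmask))
    for action, net, mask, line in rules:
        if all((v & care) == (addr & care) for v, (addr, care) in zip(vals, (net, mask))):
            return action, line
    return "deny", "(implicit deny at end of list)"

RULES = parse(ACL_100)
if __name__ == "__main__":  # two routes from the message, then constructed ones
    for p in ("192.168.22.0/24", "192.168.100.0/22", "198.51.100.0/24", "198.51.100.128/25"):
        print(f"{p:20} {evaluate(p, RULES)}")
```

The last deny line matches on the netmask alone, so any route longer than /24 is rejected regardless of its network address.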