North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Who is announcing bogons?

  • From: Stephen J. Wilcox
  • Date: Tue Apr 29 05:27:28 2003

On Mon, 28 Apr 2003, Sean Donelan wrote:

> 
> On Mon, 28 Apr 2003, Rob Thomas wrote:
> > ] Rob, on the other hand, has gained a lot of trust in maintaining
> > ] a highly accurate list.
> > Thanks very much.  :)  I can't accept all the credit though.  My thanks
> > go out to all the members of Team Cymru.
> 
> Unfortunately, no good deed goes unpunished.  Jon Postel did a great
> job maintaining the list of IP addresses.  Paul Vixie did a great job
> with the first Real-Time Blackhole List.  But people move on, and things
> change.
> 
> But my real question is why are negative bogon lists necessary?  If you
> ask providers, they all say they implement positive prefix list filters
> on all their customers.  So who is injecting the bogons?  And why do they
> still have a network connection?
> 
> Should we be spending time teaching people how to do positive prefix
> filters, or trying to explain to them why the negative prefix filter
> the last network administrator installed 2 years ago is out of date.
> 
> What is the cross-over point?  When does the number of lines in a bogon
> list become larger than the positive prefix filter?  If you are going to
> list every sub-allocation which isn't routed, why not just list the
> allocations which should be routed?

Alternatively monitor the BGP table and pull out the bogons then produce a list 
of them along with AS path info, possibly sending out to the list to the 
upstreams as well as nanog.

Steve