North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: What were we saying about edge filtering?

  • From: Gerardo Gregory
  • Date: Thu Sep 04 11:02:36 2003


My opinion is fairly clear on this topic.  If I can't
return it, I'm not going to accept it.
AMEN!
I get these with frequency also on my edge logs. I just let my own filters catch them. It differs each month also on the ammount of traffic I get from these address blocks.
G.
Jared Mauch writes:
On Thu, Sep 04, 2003 at 06:37:57AM +0000, Christopher L. Morrow wrote:
On Thu, 4 Sep 2003, Matthew Sullivan wrote:
> More whining and bitching from me ... sorry...
>
> So who thinks allowing anyone to route to or from IANA Reserved blocks
> (Bogons) is acceptable?
>
Technically these packets are 'routed' correctly, they are perhaps not
filtered, but thats another story entirely.
> A few captured packets....
>
> 15:42:41.434384 1.6.145.24.1116 > 203.101.254.254.53: S
-- snip --
>
> Is there any need to route bogons? Is there any reason why it cannot be
> filtered (I appreciate 224-239 is a different story)....?
>
At the edge, very near the originating host there is no reason not to
filter these, if you find the sources you might consider asking them why
they didn't filter these for you...
I would ask your upstreams to filter out such "worthless"
traffic. My opinion is fairly clear on this topic. If I can't
return it, I'm not going to accept it.
Fairly simple policy.
- jared

> These packets were all originated on the other side of the Pacific to
> Telecom NZ.
>
and they travelled well apparently.

--
Jared Mauch | pgp key available via finger from [email protected]
clue++; | http://puck.nether.net/~jared/ My statements are only mine.


Gerardo A. Gregory
Manager Network Administration and Security
402-970-1463 (Direct)
402-850-4008 (Cell)
------------------------------------------------
Affinitas - Latin for "Relationship"
Helping Businesses Acquire, Retain, and Cultivate
Customers
Visit us at http://www.affinitas.net