North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bogon filtering (don't ban me)

  • From: william(at)
  • Date: Sun Dec 05 13:07:59 2004

On Sun, 5 Dec 2004, william(at) wrote:

> On Sun, 5 Dec 2004, Joe Abley wrote:
> > On 5 Dec 2004, at 06:50, Cliff Albert wrote:
> > 
> > > I have one question regarding the CYMRU bogon route-server. What good 
> > > is
> > > it if more-specific bogons are going around in the BGP table ?
> > 
> > With OpenBSD 3.6 running pf and bgpd, you can apply a filter rule to 
> > BGP updates received from individual peers which updates a pf radix 
> > table with the network received:
> PF and bgpd with local filter table is good when you're expecting those
> filtered ip routes to change often. But this is not true about bogons

Ok, I guess I did not read original post closely enough. PF is for 
reinjecting routes that match local rules back into bgp, right?
If so I apologize, I though it was talking about taking bgp data
and using it to filter local servers....

For looking at active routes and seeing which ones match the rules I 
personally use "hacked" bird daemon, but it is not ready for public

William Leibzon, Elan Networks:
 mailto: [email protected]
Anti-Spam and Email Security Research Worksite: