North American Network Operators Group

RE: [c-nsp] [Re: huge amount of weird traffic on poin-to-point ethernet link]
Robert E. Seastrom wrote:
> [email protected] writes:
>
>> On Thu, Nov 09, 2006 at 09:26:13AM -0500, Robert Boyle wrote:
>>>
>>> At 09:23 AM 11/9/2006, you wrote:
>>>> On Thu, Nov 09, 2006, Robert Boyle wrote:
>>>>
>>>>> You should also create a bogons list for your BGP routes which you
>>>>> accept from your upstream. Block all RFC1918 space and unassigned
>>>>> public addresses too. Just keep on top of it when new allocations
>>>>> are put into use. We see all kinds of crazy things which people
>>>>> try to announce (and successfully too - up to our borders anyway.)
>>>>
>>>> Is there a somewhat-reliable bogon BGP feed that can be subscribed
>>>> to these days?
>>>
>>> We just maintain our own. I remember hearing about one a while ago,
>>> but we don't use it so I don't know any details.
>>
>> I'd strongly advise against folks doing it statically.. there seems
>> to be ongoing issues with stale filters each time new address space
>> is released. Even with the best of intentions folks change role or
>> employer and things can get left unmanaged.
>>
>> The craziest stuff that gets announced isn't in the
>> reserved/unallocated realm anyway so the effort seems to be
>> disproportional to the benefits... and most issues I read about with
>> reserved space is packets coming FROM them not TO them....
>
> Steve's 100% spot-on here. I don't have bogon filters at all and it
> hasn't hurt me in the least. I think the notion that this is somehow
> a good practice needs to be quashed.

Some people don't use condoms with hookers either. Just because they haven't
caught anything yet doesn't make it a smart practice.

Andrew
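
The trade-off argued in this thread, as an added example that is not part of the original messages: a prefix check against RFC1918 and other special-purpose IPv4 space, plus a comparison showing which received routes a stale hand-maintained "unassigned" entry would wrongly drop. The function names, the sample route list and the use of the documentation range 198.51.100.0/24 as a stand-in for a since-allocated block are all assumptions made for illustration.

```python
import ipaddress

# IPv4 special-purpose ranges (RFC1918 plus other reserved space).
SPECIAL_PURPOSE = {
    "0.0.0.0/8": "this-network",
    "10.0.0.0/8": "RFC1918",
    "100.64.0.0/10": "shared address space",
    "127.0.0.0/8": "loopback",
    "169.254.0.0/16": "link-local",
    "172.16.0.0/12": "RFC1918",
    "192.168.0.0/16": "RFC1918",
    "224.0.0.0/4": "multicast",
    "240.0.0.0/4": "reserved",
}

# Constructed placeholder (a documentation range): stands in for a block that
# was unassigned when the static list was written and has since been allocated.
STALE_UNASSIGNED = {"198.51.100.0/24": "unassigned (static snapshot)"}

def build_filter(*tables):
    """Merge prefix->reason tables into a list of (network, reason)."""
    return [(ipaddress.ip_network(p), why) for t in tables for p, why in t.items()]

def check_route(prefix, bogons):
    """Return the reject reason if prefix falls inside a bogon, else None."""
    net = ipaddress.ip_network(prefix)
    for bogon, why in bogons:
        if net.version == bogon.version and net.subnet_of(bogon):
            return why
    return None

def stale_drops(routes, static_filter, current_filter):
    """Routes the static list rejects but an up-to-date list would accept."""
    return [r for r in routes
            if check_route(r, static_filter) and not check_route(r, current_filter)]

# Constructed sample of prefixes received from an upstream.
RECEIVED = ["10.20.0.0/16", "172.32.0.0/16", "192.168.5.0/24",
            "198.51.100.0/24", "198.51.100.128/25"]

STATIC = build_filter(SPECIAL_PURPOSE, STALE_UNASSIGNED)   # hand-maintained, never refreshed
CURRENT = build_filter(SPECIAL_PURPOSE)                    # the block has since been allocated

if __name__ == "__main__":
    for r in RECEIVED:
        print(r, "->", check_route(r, STATIC) or "accept")
    print("dropped only by the stale list:", stale_drops(RECEIVED, STATIC, CURRENT))
```
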