North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is it time to abandon bogon prefix filters?

  • From: Robert E. Seastrom
  • Date: Fri Aug 15 09:37:26 2008

Randy Bush <[email protected]> writes:

>> In other words, our earlier estimate of 60% was way off...  you can
>> get 92.1% effectiveness at bogon filtering by just dropping 1918
>> addresses, a filter that you will never have to change.
>
> my read is that the 60% was an alleged 60% of attacks came from *all*
> bogon space.  this now seems in the low single digit percentge.  of
> that, the majority is from 1918 space.

so is there any case to be made for filtering bogons on
upstream/peering ingress at all anymore?

(this discussion is orthogonal to bcp38/urpf, which i think we all
agree is a good thing and would be great if we could get it further
deployed)

                                        ---rob