North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is it time to abandon bogon prefix filters?

  • From: Valdis . Kletnieks
  • Date: Mon Aug 25 09:32:57 2008

On Sun, 24 Aug 2008 23:21:23 PDT, "Tomas L. Byrnes" said:
> You're missing one of the basic issues with bogon sources: they are
> often advertised bogons, IE the bad guy DOES care about getting the
> packets back, and has, in fact, created a way to do so.

But if you've seen a BGP announcement with a prefix that covers the source,
is it really a bogon anymore?

At that point, you're not worrying about bogon filtering, you're worrying
about sanity-checking what BGP advertisements you accept.  Also a worthy
thing to do, but different from bogon filtering.

Attachment: pgp00018.pgp
Description: PGP signature