RE: Is it time to abandon bogon prefix filters?

• From: Sean Donelan
• Date: Tue Aug 26 03:28:16 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

You're missing one of the basic issues with bogon sources: they are
often advertised bogons, IE the bad guy DOES care about getting the
packets back, and has, in fact, created a way to do so.

This is usually VERY BAD traffic, and EVEN WORSE if a user goes TO a
site hosted in such IP space.

So, Bogon filtering has value beyond mere spoofed source rejection.

Unmanaged (or semi-managed) routers probably should not be running
BGP or other exterior routing protocols.  Unmanaged routers with BGP
provide more opportunities to create havoc and mischief.

• References:
  • Re: Is it time to abandon bogon prefix filters? Robert E. Seastrom
  • RE: Is it time to abandon bogon prefix filters? Tomas L. Byrnes
  • Re: Is it time to abandon bogon prefix filters? Pete Templin
  • Re: Is it time to abandon bogon prefix filters? Jared Mauch
  • Re: Is it time to abandon bogon prefix filters? Danny McPherson
  • Re: Is it time to abandon bogon prefix filters? Sean Donelan
  • RE: Is it time to abandon bogon prefix filters? Tomas L. Byrnes

• Prev by Date: Re: Force10 Gear - Opinions
• Next by Date: Re: Force10 Gear - Opinions
• Date Index
• Thread Index
• Author Index
• Historical