mailing list archives
Re: do bogon filters still help?
From: John Kristoff <jtk () northwestern edu>
Date: Wed, 11 Jan 2006 12:38:56 -0600
On Wed, 11 Jan 2006 13:03:51 -0500
"Steven M. Bellovin" <smb () cs columbia edu> wrote:
Every time IANA allocates new prefixes, we're treated to complaints
about sites that are not reachable because they're in the new space
and some places haven't updated their bogon filters. My question is
this: have we reached a point where the bogon filters are causing
more pain than they're worth?
Perhaps operators can be convinced that the only best practice
implementation of bogon filtering is through the use of a well
maintained bogon route server service, be it from Team Cymru or
some other well regarded 3rd party. All static, manual config
management of bogon routes should be strongly discouraged.
Now if router vendors could figure out ways to use a bogon route
server for multicast protocols, that would be of a great help to
niche community that has to run that service. There the pain is
arguably worth it (dig about multicast being painful with or
without them here :-)
Re: do bogon filters still help? John Kristoff (Jan 11)