Home page logo
/

nanog logo nanog mailing list archives

Re: do bogon filters still help?
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 11 Jan 2006 21:36:37 +0100


* william elan net:

You should move 192.88.99.0/24 from SPECIAL to YES (although you
shouldn't see source addresses from that prefix, no matter what the
folks at bit.nl think).  169.254.0.0/16 should be NO (otherwise it
wouldn't be link-local).

I think you just explained it yourself why this is "SPECIAL", i.e.
routing of it depends on local policies and setup. Anything where it
is not clear from RFCs if it should be routable or not and where it 
depends on local decisions & policy is what I called SPECIAL.

Uhm, no.  6to4 anycast only works without hickups when the prefix is
NOT treated in any special way. 8-) That's part of its charm.  If
operators start to install special filters, they break this
functionality for no real gain.

I haven't looked at RFC 3330, but another RFC reserves 192.0.2.0/24
for examples in documentation.  In practice, this prefix is used for
distributing fake null routes over BGP, so it's a rather strong NO.

If you know which RFC it is, I'll update the reference table.

Uhm, looks like I was mistaken.  Each time the topic comes up, I
confuse this with RFC 2606 (domain names).  No such RFC exists for
IPv4 addresses.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault