mailing list archives
Re: do bogon filters still help?
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 12 Jan 2006 00:21:30 +0100
* Pim van Pelt:
Hi Florian, others,
| You should move 188.8.131.52/24 from SPECIAL to YES (although you
| shouldn't see source addresses from that prefix, no matter what the
| folks at bit.nl think). 169.254.0.0/16 should be NO (otherwise it
| wouldn't be link-local).
Hi, here's a member of 'the folks at bit.nl'. Just a quick note to
say that we have been sourcing IPv4 packets from 184.108.40.206 at a rate
of 2.000 to 10.000 packets per second since early 2003, so I'm guessing
we have sent some 750.000 billion packets by now.
And this is just so wrong. You should use an address you own as a
source address. Otherwise, packets tend to get dropped by filters.
And no, "anyone should be able to spoof from 220.127.116.11/24" is not
the answer to this kind of problem.
Re: do bogon filters still help? John Kristoff (Jan 11)