Firewall Wizards mailing list archives

egress/ingress filtering

From: "Irwin R. Naumann" <irwin () thinkage ca>
Date: Thu, 15 Feb 2001 14:08:26 -0500 (EST)

I know that one should do egress/ingress filtering on one's network border(s)
of the private networks described in RFC1918 (10.0.0.0/8, 172.16.0.0.0/12,
192.168.0.0/16) and anti-spoofing of one's own address blocks.

Bill Manning expanded this list to include:
0.0.0.0/8
127.0.0.0/8
192.0.2.0/24
169.254.0.0/16
all D/E space (with a caveat on Class D - multicast address space)
in http://search.ietf.org/internet-drafts/draft-manning-dsua-06.txt.

Is there an RFC or internet draft other than Bill Manning's that documents
special prefixes?

Are these ALL the special prefixes?

Why aren't "IANA - Reserved" blocks as found in 
http://www.isi.edu/in-notes/iana/assignments/ipv4-address-space
included in egress/ingress filtering examples?

  Irwin
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

egress/ingress filtering Irwin R. Naumann (Feb 15)
- Re: egress/ingress filtering Crist Clark (Feb 16)
- <Possible follow-ups>
- RE: egress/ingress filtering shewitt (Feb 16)
- Re: egress/ingress filtering Bill_Royds (Feb 16)
  - Re: egress/ingress filtering Crist Clark (Feb 16)
    - Re: egress/ingress filtering Ryan Russell (Feb 17)
- Re: egress/ingress filtering Irwin R. Naumann (Feb 16)
  - Re: egress/ingress filtering Crist Clark (Feb 16)