nanog mailing list archives

Re: RFC6598 100.64/10: to bogon or not to bogon (team-cymru et all)


From: Grant Taylor via NANOG <nanog () nanog org>
Date: Tue, 7 Mar 2023 19:21:08 -0700

On 3/7/23 4:34 PM, Lukas Tribus wrote:
> I'm trying to educate people that bogon lists do not belong on hosts, firewalls or intermediate routers, despite Team-cymru's aggressive marketing of the opposite, quote:

I don't have any problem with bogon lists being on hosts or intermediate routers.

The thing that you have to remember to do is to exclude locally significant (100.64/10, RFC 1918, et al.) from those filters /or/ account for them in another way.

I have bogons on some hosts /and/ locally significant / more specific routes to 100.64/16 without any problem.

Bogons is just a list of IPs that shouldn't be on the open Internet. But that same list can be re-used ~> abused elsewhere without. How that list is used is installation specific. If you're running default free, make sure that you remove the bogon prefixes from your routing tables /and/ /then/ (re)add any locally significant prefixes.

The Team Cymru bogons list is a tool and like all tools, it can be misused and become a foot gun.



--
Grant. . . .
unix || die
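
Added example, not part of the original message: one way to carve locally significant prefixes out of a bogon list before it is loaded as a filter on a host or router, as the post describes. The bogon entries are a constructed sample (not a current Team Cymru feed) and the local prefixes are assumptions for illustration.

```python
import ipaddress

# Constructed sample of well-known IPv4 bogon prefixes, not a complete or current feed.
BOGONS = ["10.0.0.0/8", "100.64.0.0/10", "172.16.0.0/12",
          "192.168.0.0/16", "192.0.2.0/24"]

# Assumption: prefixes this site really routes internally (hypothetical values).
LOCAL = ["100.64.0.0/16", "10.20.0.0/16"]


def carve(bogons, local):
    """Return the bogon prefixes with every locally significant range removed."""
    local_nets = [ipaddress.ip_network(p) for p in local]
    kept = []
    for bogon in map(ipaddress.ip_network, bogons):
        pieces = [bogon]
        for loc in local_nets:
            remaining = []
            for piece in pieces:
                if piece.version != loc.version or not piece.overlaps(loc):
                    remaining.append(piece)          # untouched by this local prefix
                elif piece.subnet_of(loc):
                    continue                         # entirely local: drop it
                else:
                    # loc sits inside piece: keep everything except loc
                    remaining.extend(piece.address_exclude(loc))
            pieces = remaining
        kept.extend(pieces)
    out = []
    for version in (4, 6):                           # collapse per address family
        same = [p for p in kept if p.version == version]
        out.extend(sorted(ipaddress.collapse_addresses(same)))
    return out


def is_filtered(addr, filters):
    """True if addr falls inside any prefix of the carved filter list."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == n.version and ip in n for n in filters)


if __name__ == "__main__":
    for net in carve(BOGONS, LOCAL):
        print(net)
```
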
