Is it time to abandon bogon prefix filters?

Robert E. Seastrom rs at seastrom.com
Fri Aug 15 15:08:07 UTC 2008


Sean Donelan <sean at donelan.com> writes:

> For unmanaged and semi-managed routers, I'd suggest strict out-bound
> packet controls (i.e. be conservative in what you send) because you
> already need to make operational updates when they change.  But
> consider using inbound controls that require less extensive
> recurring maintenance, e.g. only filtering martians (i.e. 0/8,
> 127/8, 255.255.255.255/32, etc) instead of updating bogons
> (i.e. changing reserved and unallocated) every few months.

I think we're in violent agreement here.

-r





More information about the NANOG mailing list