Is it time to abandon bogon prefix filters?
Pete Templin
petelists at templin.org
Mon Aug 18 00:57:25 UTC 2008
Tomas L. Byrnes wrote:
> Since there are ways to dynamically filter the bogons, using BGP or DNS,
> I don't really see the need to stop doing so. If you're managing your
> routing and firewall filters manually, you have bigger problems than the
> release of Bogon space.
Can you share the Cisco configuration snippet you recommend to
dynamically FILTER bogons using BGP or DNS? Not just inserting
null-routes for the bogon aggregates, but preventing the acceptance of
more-specifics that transits/peers/customers have managed to sneak past
someone's filters (or lack thereof), please.
(Without an offline configuration generator, I postulate that it can't
be done.)
pt
More information about the NANOG
mailing list