Is it time to abandon bogon prefix filters?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Aug 25 13:32:45 UTC 2008


On Sun, 24 Aug 2008 23:21:23 PDT, "Tomas L. Byrnes" said:
> You're missing one of the basic issues with bogon sources: they are
> often advertised bogons, IE the bad guy DOES care about getting the
> packets back, and has, in fact, created a way to do so.

But if you've seen a BGP announcement with a prefix that covers the source,
is it really a bogon anymore?

At that point, you're not worrying about bogon filtering, you're worrying
about sanity-checking what BGP advertisements you accept.  Also a worthy
thing to do, but different from bogon filtering.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20080825/d9c9b205/attachment.sig>


More information about the NANOG mailing list