Checking bogon status of new address space

Frank Bulk frnkblk at iname.com
Sat May 9 04:41:36 UTC 2009


Ran across two different DNS hosters in the last two weeks that were
blocking space that was de-bogoned 2.5 years ago... =(

One started as an e-mail issue, the other as a web access.  The e-mail issue
showed up as the server sending the sender an "I can't deliver this e-mail
because I can't resolve the DNS info", and digs from the e-mail server
confirmed the case.  Testing from our old IP address space worked, so it was
clear it was some kind of block based on IP address.  The web browsing one
was easy, too, because the customer was able to browse (when they had old
DNS servers) and then couldn't (when we handed out new DNS servers).  Since
the e-mail issue was fresh in our mind, it was one of the first things we
tested.

I hope both DNS hosters took the time to update the rest of their bogon
lists, too, not just remove our space from the bogon list.

Frank

-----Original Message-----
From: Steve Dalberg [mailto:steve+nanog at sendithere.com] 
Sent: Friday, May 08, 2009 9:45 AM
To: Oliver Hookins
Cc: nanog at nanog.org
Subject: Re: Checking bogon status of new address space

Having recently received some de-bogon'ed addressing in or about this March,
I can tell you that the one problem I had was people that had not updated
their Bind Bogon filters
(http://www.cymru.com/Documents/secure-bind-template.html) and so were not
responding to requests from our address space, so we just moved our dns
cache boxes back to our older Level3 address space.  Took a while to figure
that one out though.

Steve

2009/5/7 Oliver Hookins <oliver.hookins at anchor.com.au>

> Hi,
>
> my company has just been allocated some new IPv4 address space, and I want
> to do some sort of automated testing to find out any ASs out there that
> haven't removed the /8 it's on from their bogon list (the allocation to our
> local registry only occurred in November last year).
>
> Has anybody attempted to do this? Is it worth bothering? Currently I'm
> considering pulling out all the endpoint ASs out of the BGP table, finding
> at least one subnet for each of them and attempting to ping or reach other
> common ports on a single IP for each AS from our currently working
> address space, and then the new address space and comparing results.
>
> --
> Regards,
> Oliver Hookins
> Anchor Systems
>
>
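
Added example, not part of any message in this thread: both replies trace the failures to stale bogon entries in BIND ACLs, so a resolver operator can audit their own named.conf against a prefix that is now allocated. The ACL text, the ACL name "bogon" and the 203.0.113.0/24 stand-in for a new allocation are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of a BIND bogon ACL; entries are illustrative only.
SAMPLE_NAMED_CONF = '''
acl "bogon" {
    0.0.0.0/8;        // "this" network
    10.0.0.0/8;       // RFC 1918
    172.16.0.0/12;    # RFC 1918
    192.168.0.0/16;
    /* stale entry, constructed for this example */
    203.0.0.0/8;
    224.0.0.0/3;
};
options {
    blackhole { bogon; };
};
'''

def parse_acl(conf_text, acl_name):
    """Return the IP networks listed in the named acl block."""
    # Remove /* */, // and # comments so they cannot hide or fake entries.
    text = re.sub(r'/\*.*?\*/', '', conf_text, flags=re.S)
    text = re.sub(r'(//|#)[^\n]*', '', text)
    pattern = r'acl\s+"?%s"?\s*\{(.*?)\}\s*;' % re.escape(acl_name)
    match = re.search(pattern, text, flags=re.S)
    if match is None:
        raise ValueError("acl %r not found" % acl_name)
    nets = []
    for item in match.group(1).split(';'):
        item = item.strip()
        if not item:
            continue
        try:
            nets.append(ipaddress.ip_network(item, strict=False))
        except ValueError:
            continue  # nested ACL name, negated entry, key or keyword
    return nets

def blocking_entries(acl_nets, allocation):
    """Return ACL entries that overlap the allocated prefix (stale bogons)."""
    alloc = ipaddress.ip_network(allocation)
    return [n for n in acl_nets
            if n.version == alloc.version and n.overlaps(alloc)]

if __name__ == "__main__":
    acl = parse_acl(SAMPLE_NAMED_CONF, "bogon")
    for net in blocking_entries(acl, "203.0.113.0/24"):  # constructed prefix
        print("stale bogon entry still blocks allocation:", net)
```

Entries the parser cannot read as a full CIDR prefix are skipped, so review those by hand.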
