UUNet Routing SNAFU
Alec H. Peterson
ahp at hilander.com
Thu Oct 9 03:17:09 UTC 1997
On Wed, Oct 08, 1997 at 07:39:52PM -0700, David Carmean wrote:
>
> I installed the ACL Sean posted back in December of '95, updated by
> changes he posted in June of '96. Is that list still reasonable?
I'm pretty sure that is the version that filters >=207 at /19 (instead
of /18 which is where he initially put the filter). However, keep in
mind that the registries have been allocating space out of old class A
space, which all versions of his filter I've seen _will_ block. So,
depending on your policy you would want to add:
access-list xxx permit ip 62.0.0.0 0.255.255.255 0.0.0.0 255.255.255.0
Do that for 24/8, 62/8 and any other blocks that the IANA has released
to a registry (I think Dorian mentioned 63/8 and 64/8 as well). Of
course, if you want to filter on /19 then your mask will be a little
different.
Of course, one can just do what Randy suggested and filter all class A
space at /19 and be done with it.
Alec
--
+------------------------------------+--------------------------------------+
|Alec Peterson - ahp at hilander.com | Erols Internet Services, INC. |
|Network Engineer | Springfield, VA. |
+------------------------------------+--------------------------------------+
More information about the NANOG
mailing list