Filtering Unregistered Blocks (WAS: small vent)

Dave Rand dlr at bungi.com
Mon Jun 29 19:23:51 UTC 1998


[In the message entitled "Filtering Unregistered Blocks (WAS: small vent)" on Jun 29, 11:46, "Patrick W. Gilmore" writes:]
> At 12:45 PM 6/28/98 PDT, Dave Rand wrote:
> 
> >This has, in fact, happened before.  One of the reasons that the unallocated
> >spaces are listed on the RBL.
> 
> This topic comes up every now and then.  I've searched the ARIN site and
> found some very outdated lists (some as old as 1996, but none newer than
> Feb, 1998).  I've searched the archives, but no one seems to have an answer
> - except you.  How do you tell what is and what is not allocated?

Unallocated is (once again) a state of mind.  By unallocated, the RBL
looks upon the IANA allocation of space, not the ARIN view.  So,
for example, 2.0.0.0/8 is on the RBL (as is 0.0.0.0/8).  We watch for
IANA allocation of new blocks, and when they are allocated, remove
them from the RBL.  Of course, this takes more work, and requires that
we watch closely.

As an example, AS3259 is currently advertising a bogon.

*>i213.102.1.0      207.240.113.165       10    100      0 3847 3259 3259 i

> 
> Perhaps you could export just the non-assigned blocks in the RBL?  Maybe
> under a second AS or something?  I have no problem with the RBL myself, but
> some of my customers want a "full table", and won't take an RBL filtered
> one.

That's not how the RBL works in BGP mode.  You can (easily) accept a feed
from the RBL, and filter to accept only /8's from the RBL, which will
give you the desired information.  You are not permitted to redistribute
AS7777 routes to your customers (or anyone, for that matter) without
express approval and a disclaimer in place, so AS7777 is typically
marked as a "no-export" community.

The RBL, in BGP mode, is used by route-mapping the addresses listed on
the RBL to a specific address.  You can, for example, route all
traffic to RBL listed hosts to go through a 9600 bps dialup port.
Or you can route them to a T1.  Or you can route them to the loopback
port, which is what most people do.  The RBL doesn't filter the BGP
table, at all.

>  I do, however, filter blocks which should not be routed - e.g. RFC
> 1918 - and would like to include the non-assigned blocks.  I just can't
> figure out a way to automate such a process.  Especially since the whois
> servers limit the number of queries.  (I'm not complaining, I understand
> the reasons, I'm just stating a fact.)

You can't automate it, easily.  But by using the RBL, you can certainly
get the real-time aspect of it handled well.


-- 
Dave Rand
dlr at bungi.com
http://www.bungi.com
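
Added example, not part of the original message and not RBL tooling: a check that flags announcements falling inside unallocated /8s, run over table lines in the layout quoted above. The block list and all sample lines except the AS3259 one are constructed; 213.0.0.0/8 is assumed unallocated only because the message calls that announcement a bogon.

```python
import ipaddress
import re

# Constructed list. The message names 0.0.0.0/8 and 2.0.0.0/8 as RBL-listed
# unallocated space; 213.0.0.0/8 is an assumption drawn from the message
# calling the 213.102.1.0 announcement a bogon. A real list must track IANA.
UNALLOCATED = [ipaddress.ip_network(p)
               for p in ("0.0.0.0/8", "2.0.0.0/8", "213.0.0.0/8")]

# First line is the one quoted in the message; the other two are constructed
# (documentation addresses and AS numbers).
SAMPLE_TABLE = """\
*>i213.102.1.0      207.240.113.165       10    100      0 3847 3259 3259 i
*>i192.0.2.0        207.240.113.165       10    100      0 3847 64500 i
*> 2.16.0.0/16      198.51.100.1                           0 64501 64502 i
"""

# status codes, prefix with optional /len, next hop, remaining columns
LINE = re.compile(r"^[*>sdhi ]{0,3}\s*(\d+\.\d+\.\d+\.\d+)(?:/(\d+))?"
                  r"\s+(\d+\.\d+\.\d+\.\d+)\s+(.*)$")


def classful_len(addr):
    """Prefix length implied when the table omits the mask (classful net)."""
    first = int(addr.split(".")[0])
    return 8 if first < 128 else 16 if first < 192 else 24


def find_bogons(table, unallocated=UNALLOCATED):
    """Return (prefix, covering unallocated block, origin AS) for each hit."""
    hits = []
    for line in table.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        addr, plen, _next_hop, rest = m.groups()
        net = ipaddress.ip_network(
            f"{addr}/{plen or classful_len(addr)}", strict=False)
        # Last token is the origin code; the one before it is the origin AS.
        # Assumes a non-empty AS path (not a locally originated route).
        tokens = rest.split()
        origin_as = tokens[-2] if len(tokens) >= 2 else None
        for block in unallocated:
            if net.subnet_of(block):
                hits.append((str(net), str(block), origin_as))
    return hits


if __name__ == "__main__":
    for prefix, block, asn in find_bogons(SAMPLE_TABLE):
        print(f"{prefix} inside unallocated {block}, origin AS{asn}")
```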


