Who is announcing bogons?
Stephen J. Wilcox
steve at telecomplete.co.uk
Tue Apr 29 09:24:32 UTC 2003
On Mon, 28 Apr 2003, Sean Donelan wrote:
>
> On Mon, 28 Apr 2003, Rob Thomas wrote:
> > ] Rob, on the other hand, has gained a lot of trust in maintaining
> > ] a highly accurate list.
> > Thanks very much. :) I can't accept all the credit though. My thanks
> > go out to all the members of Team Cymru.
>
> Unfortunately, no good deed goes unpunished. Jon Postel did a great
> job maintaining the list of IP addresses. Paul Vixie did a great job
> with the first Real-Time Blackhole List. But people move on, and things
> change.
>
> But my real question is why are negative bogon lists necessary? If you
> ask providers, they all say they implement positive prefix list filters
> on all their customers. So who is injecting the bogons? And why do they
> still have a network connection?
>
> Should we be spending time teaching people how to do positive prefix
> filters, or trying to explain to them why the negative prefix filter
> the last network administrator installed 2 years ago is out of date.
>
> What is the cross-over point? When does the number of lines in a bogon
> list become larger than the positive prefix filter? If you are going to
> list every sub-allocation which isn't routed, why not just list the
> allocations which should be routed?
Alternatively monitor the BGP table and pull out the bogons then produce a list
of them along with AS path info, possibly sending out to the list to the
upstreams as well as nanog.
Steve
More information about the NANOG
mailing list