Bogon filtering (don't ban me)
James
haesu at towardex.com
Sun Dec 5 19:31:56 UTC 2004
On Sun, Dec 05, 2004 at 07:38:06PM +0100, Cliff Albert wrote:
>
> On Sun, Dec 05, 2004 at 12:36:08PM -0600, Rob Thomas wrote:
>
> > ] I have one question regarding the CYMRU bogon route-server. What good is
> > ] it if more-specific bogons are going around in the BGP table ?
> >
> > At present, none. We have feature requests into some major router
> > vendors to make this more useful. The goal is to provide a syntax
> > similar to prefix-list that would permit you to filter on a prefix
> > and anything more specific. Stay tuned!
>
> Indeed, that's the biggest problem at the moment. I have seen some folks
> feature requesting this at juniper, but seems they all got a big NO
> back.
>
> --
> Cliff Albert <cliff at oisec.net>
Just FYI --
Team Cymru also provides IRR objects for those using automated BGP policies
with ease. Using IRR objects, dependent on how *you* set it up, you should be
able to filter out specifics.
Their object is fltr-bogons on whois.radb.net:
filter-set: fltr-bogons
descr: All bogon IPv4 prefixes.
filter: fltr-unallocated OR fltr-martian
tech-c: RTH32-ARIN
admin-c: RTH32-ARIN
mnt-by: MAINT-BOGON-FILTERS
changed: radb at cymru.com 20040420
source: RIPE
Example for filtering bogons from transit:
import: from AS209 accept ANY and not fltr-bogons
I make use of these objects for configuring BGP for customers who are multihomed
to different ISP's, so far with great success.
Hope this helps,
-J
--
James Jun TowardEX Technologies, Inc.
Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and
james at towardex.com Network design/consulting & configuration services
cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
More information about the NANOG
mailing list