New Draft Document: De-boganising New Address Blocks

Randy Bush randy at psg.com
Wed Feb 25 23:48:46 UTC 2004


[ nick has trouble posting, so ... ]

Date: Wed, 25 Feb 2004 00:27:00 -0500
From: Nick Feamster <feamster at lcs.mit.edu>
Subject: Re: New Draft Document: De-boganising New Address Blocks
To: nanog at nanog.org
User-Agent: Mutt/1.4.1i

On Tue, Feb 24, 2004 at 06:28:48PM +0100, Daniel Karrenberg wrote:
> > Why can't ISPs subscribe to a feed of all new 
> > RIPE allocations in near real-time?
> 
> Personally I think this is a great idea and if we hear from a lot of
> operators actually willing to take such feeds it may become reality
> beyond volunteer efforts like the Team CYMRU one.  However there are a
> number of serious issues with something like this, not the least of
> which are the liability issues in case this goes wrong very dynamically
> and semi-automatedly. 
> 
> It is certainly something to progress if there is enough interest.
> 
> However I think the current proposal should go ahead too because the false
> positives are a real problem that needs to be addressed quickly.
> 

fyi, I have written a configuration checking tool that checks for
a configuration's conformance to the Cymru bogon list.

See:
http://nms.lcs.mit.edu/bgp/rolex/

for more information.  The tool also checks for various other errors
(summarized at http://nms.lcs.mit.edu/bgp/rolex/tests.html)

I also have a writeup that describes the tool in further detail, as well
as an empirical evaluation that supports these observations about bogon
filtering practices (based on results of running the tool on several
ASes).  Let me know if you'd either (1) like a copy of this writeup or
(2) want to help me generate more empirical data (i.e., want to run the
tool on your configs, let me do so, etc.)

Cheers,
-Nick
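
One way to check a router's bogon filter against a reference bogon list, as an added example: it is not part of the message above and is not the tool at the URLs it gives, whose implementation the message does not describe. The prefix-list name, the config fragment and the reference list are constructed from documentation prefixes; they are not the Cymru list.

```python
import ipaddress
import re

# Constructed reference bogon list (assumption: stands in for a current list).
REFERENCE_BOGONS = ["192.0.2.0/24", "198.51.100.0/24"]

# Constructed IOS-style config fragment; the list name BOGONS-IN is hypothetical.
SAMPLE_CONFIG = """\
ip prefix-list BOGONS-IN seq 5 deny 192.0.2.0/25 le 32
ip prefix-list BOGONS-IN seq 10 deny 192.0.2.128/25 le 32
ip prefix-list BOGONS-IN seq 15 deny 203.0.113.0/24 le 32
ip prefix-list BOGONS-IN seq 20 permit 0.0.0.0/0 le 24
ip prefix-list CUSTOMERS seq 5 deny 198.51.100.0/24 le 32
"""

DENY_RE = re.compile(
    r"^ip prefix-list (\S+) (?:seq \d+ )?deny (\d+\.\d+\.\d+\.\d+/\d+)", re.M
)


def parse_denies(config, list_name):
    """Return the prefixes denied by the named prefix-list, in config order."""
    return [
        ipaddress.ip_network(prefix)
        for name, prefix in DENY_RE.findall(config)
        if name == list_name
    ]


def check_conformance(config, list_name, reference):
    """Compare a deny list with the reference bogon list.

    stale:   denied prefixes not contained in any reference bogon, i.e. the
             filter drops space the reference no longer treats as bogus
             (the false positives discussed in this thread).
    missing: reference bogons that the deny list does not fully cover.
    """
    ref = list(ipaddress.collapse_addresses(
        [ipaddress.ip_network(p) for p in reference]))
    denies = parse_denies(config, list_name)
    # Merge adjacent denies so two /25s count as covering one /24.
    merged = list(ipaddress.collapse_addresses(denies))
    stale = [d for d in denies if not any(d.subnet_of(r) for r in ref)]
    missing = [r for r in ref if not any(r.subnet_of(m) for m in merged)]
    return {"stale": [str(n) for n in stale],
            "missing": [str(n) for n in missing]}


if __name__ == "__main__":
    print(check_conformance(SAMPLE_CONFIG, "BOGONS-IN", REFERENCE_BOGONS))
```
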



