Best practices inquiry: filtering 128/1

WONG, Yuen-Fung Yuen-Fung.WONG at
Tue Jul 11 06:17:26 UTC 2006

> Would anyone not filter those routes?  Why wouldn't you filter to /7?
> Actually, I take that back.  Why wouldn't you just get a feed from  
> Cymru <> ??

We had some hesitation on putting in a 1/ le /7 filter as these are not mentioned in any document / recommendation that they are invalid / bogus routes...  nor in the Cymru.

Anyway, just spotted this in Cymru [Ingress Prefix Filter Templates, Loose and Strict (Cisco)] but it was not included / mentioned in their fltr-bogons:

! Block Prefixes less than /5. 
ip prefix-list ISP-Ingress-In-Loose seq 50 deny le 5
! Block /6 and /7 prefixes - We have this in as a marker to see if any of the 
! large networks pull together any /8s into smaller blocks. Watch this hit
! counters with "show ip prefix". Tuned per Adriana Vascan <avascan at> 
! suggestion.
ip prefix-list ISP-Ingress-In-Loose seq 55 deny le 6 
ip prefix-list ISP-Ingress-In-Loose seq 60 deny le 7


More information about the NANOG mailing list