Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons

• Previous message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Next message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 1 Mar 2007, Jon Lewis wrote:

> Such updates get posted to various places like nanog, cisco-nsp, probably
> other -nsp lists, and such...but for the large number of ASNs not
> represented at all on those lists, I don't know how they're supposed to
> "get notified" every time a bogon ceases to be.  My own experience with

right, so often the acls/filters/policies get setup at install time, the
installer leaves/changes-jobs/blah and 2 years later the noc/net-admin at
the smaller-isp or hosting company or enterprise ends up not knowing what
this portion of the config might be doing, so it doesn't get touched...
The challenge for folks on the far side of this problem
(69box.atlantech.net for instance or midco) is finding a way to get this
adjusted.

So... again, are bogon filters 'in the core' useful? (call 'core' some
network not yours) The cisco auto-secure feature sure showed some fun
effects for this too, eh?

• Previous message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Next message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]