Where are static bogon filters appropriate? was: Bogons

Chris L. Morrow christopher.morrow at verizonbusiness.com
Thu Mar 1 21:10:05 UTC 2007

On Thu, 1 Mar 2007, Jon Lewis wrote:

> Such updates get posted to various places like nanog, cisco-nsp, probably
> other -nsp lists, and such...but for the large number of ASNs not
> represented at all on those lists, I don't know how they're supposed to
> "get notified" every time a bogon ceases to be.  My own experience with

right, so often the acls/filters/policies get setup at install time, the
installer leaves/changes-jobs/blah and 2 years later the noc/net-admin at
the smaller-isp or hosting company or enterprise ends up not knowing what
this portion of the config might be doing, so it doesn't get touched...
The challenge for folks on the far side of this problem
(69box.atlantech.net for instance or midco) is finding a way to get this

So... again, are bogon filters 'in the core' useful? (call 'core' some
network not yours) The cisco auto-secure feature sure showed some fun
effects for this too, eh?

More information about the NANOG mailing list