Is it time to abandon bogon prefix filters?
tme at multicasttech.com
Fri Aug 15 08:33:45 CDT 2008
On Aug 15, 2008, at 9:26 AM, Randy Bush wrote:
>> In other words, our earlier estimate of 60% was way off... you can
>> get 92.1% effectiveness at bogon filtering by just dropping 1918
>> addresses, a filter that you will never have to change.
> my read is that the 60% was an alleged 60% of attacks came from *all*
> bogon space. this now seems in the low single digit percentge. of
> that, the majority is from 1918 space.
If (trying to reverse engineer this thread) previously 60% of all
came from bogonspace, and now only 2.96% do, that does not mean that
if the bogon filters are removed, that number will stay at < 3 %. It may
just mean that the filtering is effective.
More information about the NANOG