Time to add 2002::/16 to bogon filters?
cb.list6 at gmail.com
Tue Jun 19 00:23:46 UTC 2018
On Mon, Jun 18, 2018 at 4:37 PM Mark Andrews <marka at isc.org> wrote:
> If an ASN is announcing 2002::/16 then they are happy to get the traffic. If
> they don’t want it all they have to do is withdraw the prefix. It is not up to
> the rest of us to second guess their decision to keep providing support.
That sounds like an interesting attack scenario where a malicious actor can
insert themselves in a path, via BGP, announcing 6to4 space.
> If you filter 2002::/16 then you are performing a denial-of-service attack
> the few sites that are still using it DELIBERATELY.
> None of the problems required removing it from BGP. There were end sites
> had firewalls that blocked 6to4 responses and the odd site that ran a
> and failed to properly manage it. The rest could have been dealt with by
> configuring more gateways. If every dual stacked ASN had run their own
> there wouldn’t have been a scaling issue. i.e. take the 2002::/16 traffic
> dump it onto IPv4 as soon as possible and take the encapsulated traffic for the
> rest of IPv6 and de-encapsulate it as soon as possible.
> > On 19 Jun 2018, at 8:56 am, McBride, Mack <C-Mack.McBride at charter.com>
> > This should have been filtered before.
> > Lots of people improperly implemented this so it caused issues.
> > Mack
> > -----Original Message-----
> > From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of John Kristoff
> > Sent: Monday, June 18, 2018 3:48 PM
> > To: Job Snijders <job at ntt.net>
> > Cc: NANOG [nanog at nanog.org] <nanog at nanog.org>
> > Subject: Re: Time to add 2002::/16 to bogon filters?
> > On Mon, 18 Jun 2018 21:08:05 +0000
> > Job Snijders <job at ntt.net> wrote:
> >> TL;DR: Perhaps it is time to add 2002::/16 to our EBGP bogon filters?
> > Hi Job,
> > I've been asking people about this recently. I don't particularly like
> > having misdirected traffic or badly configured hosts sending junk to those
> > who happen to be announcing addresses from this prefix. I'm planning on
> > adding this to a bogon filter here.
> > John
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
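
The import check the thread is debating, as an added example that is not part of any poster's message: it classifies received EBGP routes against 2002::/16 and recovers the IPv4 address a 6to4 more-specific embeds. Matching more-specifics as well as the exact prefix is an assumption about how the filter would be written; the routes and ASNs (documentation range) are constructed.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.ip_network("2002::/16")  # the 6to4 prefix discussed in the thread

def classify(prefix):
    """Relate an announced prefix to 2002::/16."""
    net = ipaddress.ip_network(prefix)
    if net.version != 6:
        return "not-ipv6"
    if net == SIX_TO_FOUR:
        return "exact"
    if net.subnet_of(SIX_TO_FOUR):
        return "more-specific"      # someone announcing a slice of 6to4 space
    if SIX_TO_FOUR.subnet_of(net):
        return "covering"           # e.g. a default route; not a 6to4 announcement
    return "unrelated"

def embedded_ipv4(prefix):
    """IPv4 address carried in bits 16..47 of a 6to4 more-specific (/48 or longer)."""
    net = ipaddress.ip_network(prefix)
    if classify(prefix) != "more-specific" or net.prefixlen < 48:
        return None                 # too short to name one IPv4 endpoint
    return net.network_address.sixtofour

def ebgp_import(routes):
    """Split (prefix, origin_asn) pairs into accepted and rejected lists."""
    accepted, rejected = [], []
    for prefix, origin_asn in routes:
        rel = classify(prefix)
        if rel in ("exact", "more-specific"):
            rejected.append((prefix, origin_asn, rel, embedded_ipv4(prefix)))
        else:
            accepted.append((prefix, origin_asn))
    return accepted, rejected

# Constructed sample of received routes (prefix, origin ASN).
SAMPLE_ROUTES = [
    ("2002::/16", 64496),            # relay-style announcement of the whole prefix
    ("2002:c000:201::/48", 64497),   # more-specific embedding 192.0.2.1
    ("2001:db8::/32", 64498),        # unrelated prefix
    ("::/0", 64499),                 # covering route, left to other policy
]

if __name__ == "__main__":
    accepted, rejected = ebgp_import(SAMPLE_ROUTES)
    for prefix, asn, rel, v4 in rejected:
        print(f"reject {prefix} from AS{asn} ({rel}, embedded IPv4: {v4})")
    for prefix, asn in accepted:
        print(f"accept {prefix} from AS{asn}")
```

Logging the rejected origins rather than dropping them silently gives a view of who is still announcing 6to4 space, which bears on both positions taken in the thread.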