Time to add 2002::/16 to bogon filters?

• Previous message (by thread): Time to add 2002::/16 to bogon filters?
• Next message (by thread): Time to add 2002::/16 to bogon filters?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jared Mauch <jared at puck.nether.net> wrote:
>
> There is also the problem noted by Wes George with 6to4 being used in
> DNS amplification, which may be interesting..
>
> http://iepg.org/2018-03-18-ietf101/wes.pdf

I configure my DNS servers with a long-ish list of bogon addresses. For
v6, the list includes Teredo and 6to4 and various other horrors:

# RFC 5156 and IANA IPv6 address space registry
server	0000::/3	{ bogus yes; };
server	2001:0000::/32	{ bogus yes; };
server	2001:0002::/48	{ bogus yes; };
server	2001:0010::/28	{ bogus yes; };
server	2001:0db8::/32	{ bogus yes; };
server	2002::/16	{ bogus yes; };
server	3000::/4	{ bogus yes; };
server	4000::/2	{ bogus yes; };
server	8000::/1	{ bogus yes; };

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Southeast Iceland: Cyclonic, mainly westerly, 6 to gale 8, decreasing 5 later.
Rough or very rough, becoming moderate or rough later. Showers. Moderate or
good.

• Previous message (by thread): Time to add 2002::/16 to bogon filters?
• Next message (by thread): Time to add 2002::/16 to bogon filters?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]