De-bogonising 2a10::/12

Fri Jan 10 19:49:58 UTC 2020

Hello

What is the purpose of null routing bogons? As it is, my network being
default free zone, traffic to bogons will be returned to sender with no
route to host.

The only way for me to send out traffic to bogons is if one my peers
announces a bogon prefix. Even if I did null route bogons, manually or
through the use of the Cymru service, a peer could still announce a more
specific and override that.

Is there a way to use the RPKI system to ensure bogons are simply invalid?
Seems much more effective to me.

Regards

Baldur

On Fri, Jan 10, 2020 at 7:08 PM Rabbi Rob Thomas <robt at cymru.com> wrote:

> Hello, NANOG!
>
> Did someone say, “bogon?”  :)
>
> >> We want to remind everybody to update their bogon filters and allow
> routes originating from 2a10::/12 in their network.
> >
> > I'd like to remind people not to bogonise unallocated, more downside
> > than upside. Particularly if it's CLI jockey network, no one will
> > update the config once you change your employer. Even if it's
> > toolised, once that tool breaks, no one will fix it, if there are no
> > customer complains.
>
> I appreciate the various views on this topic.  If one is going to filter
> bogons, we strongly recommend that folks BGP peer with us for these
> updates, or use some other, dynamically updated process.  We update our
> static lists using the same underlying process, but that won’t update
> remotely deployed static copies.
>
> For all prefixes, e.g. 2a10::/12, the filtering will be automagically
> updated as allocations are made.
>
> https://www.team-cymru.com/bogon-reference-bgp.html
>
> Be well,
> Rabbi Rob.
> --
> Rabbi Rob Thomas                                           Team Cymru
>    "It is easy to believe in freedom of speech for those with whom we
>     agree." - Leo McKern
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200110/ad579fd0/attachment.html>