RFC6598 100.64/10: to bogon or not to bogon (team-cymru et all)

Grant Taylor gtaylor at tnetconsulting.net
Wed Mar 8 02:21:08 UTC 2023

On 3/7/23 4:34 PM, Lukas Tribus wrote:
> I'm trying to educate people that bogon lists do not belong on hosts, 
> firewalls or intermediate routers, despite Team-cymru's aggressive 
> marketing of the opposite, quote:

I don't have any problem with bogon lists being on hosts or intermediate 

The think that you have to remember to do is to exclude locally 
significant (100.64/10, RFC 1918, et al.) from those filters /or/ 
account for them in another way.

I have bogons on some hosts /and/ locally significant / more specific 
routes to 100.64/16 without any problem.

Bogons is just a list of IPs that shouldn't be on the open Internet. 
But that same list can be re-used ~> abused elsewhere without.  How that 
list is used is installation specific.  If you're running default free, 
make sure that you remove the bogon prefixes from your routing tables 
/and/ /then/ (re)add any locally significant prefixes.

The Team Cymru bogon's list is a tool and like all tools, it can be 
mis-used and become a foot gun.

Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20230307/c048ca89/attachment.bin>

More information about the NANOG mailing list