RFC6598 100.64/10: to bogon or not to bogon (team-cymru et all)
lukas at ltri.eu
Wed Mar 8 12:35:57 UTC 2023
> The think that you have to remember to do is to exclude locally
> significant (100.64/10, RFC 1918, et al.) from those filters /or/
> account for them in another way.
You know all this if you are the network operator.
If you are the customer of the ISP, let's say a datacenter/cloud
customer and you are deploying Web or Mailservices, you have no idea
whether this ISP will route RFC6598 traffic to you or not and you
certainly will not get informed by the ISP if that ever changes. You
only know about this once you are dropping production traffic from
clients in 100.64/10 and a trouble ticket has found it's way to you
("residential customers of the same ISP can't reach your cloud
That is why RFC6598 is suggesting to drop this traffic on autonomous
system borders. The RFC is not suggesting to drop this traffic
> Bogons is just a list of IPs that shouldn't be on the open Internet.
Which, for RFC6598 is misleading because RFC6598 space is used within
(but not beyond) ISP networks. "The internet" includes ISP networks.
> The Team Cymru bogon's list is a tool and like all tools, it can be
> mis-used and become a foot gun.
Which is why proper description, documentation and education is important.
More information about the NANOG