! Deny martian routes ! 1st and last classical B and C nets (guard nets). access-list 180 deny ip 128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255 access-list 180 deny ip 191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255 access-list 180 deny ip 192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255 access-list 180 deny ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
In a classless environment, these prefixes are legitimate. Correct behaviour is now known for these subnets and so I wonder why you still have them in your standard list.
They sure look reserved to me: note% whois RESERVED IANA (RESERVED-1) RESERVED 0.0.0.0 IANA (RESERVED-3) RESERVED 128.0.0.0 IANA (RESERVED-4) RESERVED 191.255.0.0 IANA (RESERVED-5) RESERVED 223.255.255.0 IANA (RESERVED-7) Reserved 64.0.0.0 - 95.0.0.0 IANA (RESERVED-8) Reserved 96.0.0.0 - 126.0.0.0 Actually it looks like I should add the top 1/2 of the old A space as well. It also looks like someone did something really silly with 192.0.0/24: note% whois 192.0.0 IANA (NET-ROOT-NS-LAB) c/o Information Sciences Institute 4676 Admiralty Way, Suite 1001 Marina del Rey, CA 90292-6695 Netname: ROOT-NS-LAB Netnumber: 192.0.0.0 Coordinator: Manning, Bill (WM110) bmanning@ISI.EDU 310-322-8102 Domain System inverse mapping provided by: ORB.ISI.EDU 128.9.160.66 NS.ISI.EDU 128.9.128.127 Record last updated on 01-Jul-96. This idea looks really dumb, and since my >/24 filter blocks these in any case, I see no reason to listen to silly people to unblock this /24. Poking a bit further at this, it looks like 192.0/16 is all reserved as well: Netname: RESERVED-192 Netblock: 192.0.0.0 - 192.0.255.0 Humm, more bogons to add to my filter? --asp@partan.com (Andrew Partan)