12 Feb
2010
12 Feb
'10
4:10 p.m.
Thomas Magill wrote:
In efforts to further protect us against threats I am considering establishing Bogon peers to enable me to filter unallocated address space. I am just wondering if this is a worthwhile step to take and if anyone has ran into any issues or points of concern that I may want to take into account. Thanks in advance for any input.
I've used the service for a couple of years, and I find it works wonderfully. Newly distributed IANA blocks are removed promptly, so no need to worry about that. I peer with Cymru on my RTBH trigger boxes, which then redistribute the list to all edge gear which blackholes it (dest and source) thanks to uRPF. No manual config or rule manipulation. Steve