--- "J. Oquendo" <sil@politrix.org> wrote:
I thought about it over and over, and wonder why this hasn't been done. Anyone care to beat me with a clue stick or two? I can understand the arguments of not wanting a vendor to have control of some aspect of my business, or control over my network, but correct me if I am wrong, wouldn't this solve a heck of a lot of issues concerning network-based attacks, spam, scumware/spyware/fooware/$*something?

Vendor C has something similar, in their "autosecure" feature. However, the trouble is that the list of bogon networks is static, and in fact includes 70/8 among many others. This is (I'm certain) contributing to the reachability issues that those folks with new netblocks experience.

A better implementation would be for vendors to include a "bogon-subscribe server x.x.x.x" feature, which would simply allow a router to talk to a centralized bogon server. However, the complexity of setting up the real-time BGP bogon feeds is not that hard - anyone who would use the above command could do it - so I'm not sure that this requires any new tools.

=====
David Barak
-fully RFC 1925 compliant-
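
The stale-list problem raised in the reply above (a static bogon list that still contains space such as 70/8) can be checked for mechanically. This is an added example, not part of the original thread or any vendor's code: it diffs a router's static bogon list against a current one and reports exactly which address space is wrongly blocked or wrongly allowed. Both lists are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: not a real feed and not any vendor's shipped list.
STATIC_BOGONS = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "70.0.0.0/8"]
CURRENT_FEED = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8"]


def _subtract(net, others):
    """Return the parts of `net` (as CIDR strings) not covered by `others`."""
    remaining = [net]
    for other in others:
        if other.version != net.version:
            continue
        next_remaining = []
        for r in remaining:
            if r.subnet_of(other):
                continue  # fully covered, nothing left of this piece
            if other.subnet_of(r):
                # Partially covered: keep only the uncovered subnets.
                next_remaining.extend(r.address_exclude(other))
            else:
                next_remaining.append(r)  # disjoint, keep as-is
        remaining = next_remaining
    return [str(n) for n in ipaddress.collapse_addresses(remaining)]


def audit_bogon_list(static, feed):
    """Compare a static bogon list with a current one.

    Returns (over_blocked, under_blocked):
      over_blocked  - {static entry: space it filters that is no longer bogon}
      under_blocked - bogon space in the current list that the static list misses
    """
    static_nets = [ipaddress.ip_network(s) for s in static]
    feed_nets = [ipaddress.ip_network(f) for f in feed]
    over_blocked = {}
    for net in static_nets:
        leftover = _subtract(net, feed_nets)
        if leftover:
            over_blocked[str(net)] = leftover
    under_blocked = []
    for net in feed_nets:
        under_blocked.extend(_subtract(net, static_nets))
    return over_blocked, under_blocked


if __name__ == "__main__":
    over, under = audit_bogon_list(STATIC_BOGONS, CURRENT_FEED)
    print("filtered but no longer bogon:", over)
    print("bogon but not filtered:", under)
```

Any entry reported as over-blocked is space whose holders will see the reachability problems described in the reply until the static list is updated.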