On Tue, 24 Feb 2004, Timothy Brown wrote:
On Tue, Feb 24, 2004 at 04:32:46PM +0000, Michael.Dillon@radianz.com wrote:
The RIPE NCC has prepared a draft document titled "De-Bogonising New Address Blocks":
That is a misleading title.
I agree, considering the block is still a bogon until it has been allocated by RIPE to an ISP, but advanced notification is still good. And it's especially good that RIRs are actively trying to get involved in things like this.
The problem is that ISPs cannot react quickly enough to open filters when new ranges are allocated. The proposed solution is to provide advance notification. I suppose this could allow ISPs to open filters before the new addresses are actually in use officially.
However, it will also allow spammers to announce this space and get it through bogon filters.
Completewhois bogon IP lists provide data on IP blocks that are not allocated by RIRs to ISPs (rather than just a list of /8 blocks not allocated by IANA to RIRs, as for example cymru does). The list can be used for anti-spam filtering through DNS using an rbl-like feed at bogons.dnsiplists.completewhois.com
The actual list of all such RIR unallocated blocks is at:
http://www.completewhois.com/bogons/data/bogons-cidr-all.txt
A similar list can also be created based on the RIR IP statistics file (not right now, as they still have serious problems with not listing some legacy blocks, but hopefully RIRs will finish the ERX and fix it all in the next year).
The real solution to this problem is to make it possible for ISPs to closely track RIR allocations in their filters in a semi-automated way. There may still be a few days of delay before a new allocation is fully routable but ISPs can compensate for that with internal processes.
Yes, a 24-36 hour delay exists before new allocations are cleared from the bogon list when done in an automated way. But I found that < 1% of the blocks are routed within the first 24 hours of being allocated (in fact 30% are still not routed 2 months after being allocated).
Why can't ISPs subscribe to a feed of all new RIPE allocations in near real-time?
Uh, bogon route server, hello?
http://www.cymru.com/BGP/bogon-rs.html
Unfortunately this is kind of a BGP hack, and as has been already mentioned it needs very careful implementation, and if not done right it leads to leaks like we saw in today's "168.0.0.0/6" thread on nanog-l.
What we do need is for ISPs and other organizations to urge vendors to implement router software changes for distributed BGP filtering as has been detailed in this draft (already mentioned quite extensively on other threads):
http://arneill-py.sacramento.ca.us/draft-py-idr-redisfilter-01.txt
--
William Leibzon
Elan Networks
william@elan.net
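Added example, not part of the original message: one way to derive a bogon list from RIR statistics records, as the message suggests, by taking the space inside a parent block that no allocation covers. The sample records, the parent block (a documentation range) and the function names are constructed for illustration; the pipe-separated field layout is assumed to be that of the RIR statistics files.

```python
import ipaddress

# Constructed sample, assumed layout of an RIR statistics file:
# registry|cc|type|start|count|date|status  (all values below are made up)
SAMPLE_STATS = """\
ripencc|NL|ipv4|203.0.113.0|64|20040105|allocated
ripencc|DE|ipv4|203.0.113.128|32|20040212|assigned
ripencc|FR|ipv6|2001:db8::|32|20040220|allocated
ripencc|ZZ|ipv4|203.0.113.192|64|20040224|reserved
"""

def allocated_ranges(stats_text):
    """Return sorted (first, last) integer ranges of allocated/assigned IPv4 records."""
    ranges = []
    for line in stats_text.splitlines():
        fields = line.strip().split("|")
        if len(fields) < 7 or fields[2] != "ipv4":
            continue  # header, summary, IPv6 and ASN lines are skipped
        if fields[6] not in ("allocated", "assigned"):
            continue  # reserved or available space stays a bogon
        first = int(ipaddress.IPv4Address(fields[3]))
        ranges.append((first, first + int(fields[4]) - 1))
    return sorted(ranges)

def unallocated_cidrs(parent, stats_text):
    """List the CIDR blocks inside `parent` that no allocation covers."""
    net = ipaddress.ip_network(parent)
    cursor, end = int(net.network_address), int(net.broadcast_address)
    gaps = []
    for first, last in allocated_ranges(stats_text):
        if last < cursor or first > end:
            continue  # already covered, or outside the parent block
        if first > cursor:
            gaps.append((cursor, first - 1))
        cursor = max(cursor, last + 1)
    if cursor <= end:
        gaps.append((cursor, end))
    cidrs = []
    for lo, hi in gaps:
        cidrs.extend(ipaddress.summarize_address_range(
            ipaddress.IPv4Address(lo), ipaddress.IPv4Address(hi)))
    return cidrs

def is_bogon(address, bogons):
    """True if `address` falls inside any block of the bogon list."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in bogons)

if __name__ == "__main__":
    for block in unallocated_cidrs("203.0.113.0/24", SAMPLE_STATS):
        print(block)
```

Re-running this against fresh statistics data is what removes a newly allocated block from the filter, so the refresh interval sets the delay the message describes.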