15 Aug
2008
15 Aug
'08
9:34 a.m.
Randy Bush <randy@psg.com> writes:
In other words, our earlier estimate of 60% was way off... you can get 92.1% effectiveness at bogon filtering by just dropping 1918 addresses, a filter that you will never have to change.
my read is that the 60% was an alleged 60% of attacks came from *all* bogon space. this now seems in the low single digit percentge. of that, the majority is from 1918 space.
so is there any case to be made for filtering bogons on upstream/peering ingress at all anymore? (this discussion is orthogonal to bcp38/urpf, which i think we all agree is a good thing and would be great if we could get it further deployed) ---rob