ACLs
-----Original Message----- From: Pete Templin [mailto:petelists@templin.org] Sent: Sunday, August 17, 2008 5:57 PM To: Tomas L. Byrnes Cc: NANOG list Subject: Re: Is it time to abandon bogon prefix filters?
Since there are ways to dynamically filter the bogons, using BGP or DNS, I don't really see the need to stop doing so. If you're managing your routing and firewall filters manually, you have bigger
Tomas L. Byrnes wrote: problems
than the release of Bogon space.
Can you share the Cisco configuration snippet you recommend to dynamically FILTER bogons using BGP or DNS? Not just inserting null-routes for the bogon aggregates, but preventing the acceptance of more-specifics that transits/peers/customers have managed to sneak past someone's filters (or lack thereof), please.
(Without an offline configuration generator, I postulate that it can't be done.)
pt