RE: Net-24 top prefix generating bogus RFC-1918 queries
Forgive me.. I thought I understood that 1918 routes were leaking.... Jim
-----Original Message----- From: Sean Donelan [mailto:sean@donelan.com] Sent: Monday, June 02, 2003 12:26 AM To: nanog@merit.edu Subject: RE: Net-24 top prefix generating bogus RFC-1918 queries
On Sun, 1 Jun 2003, McBurnett, Jim wrote:
guys.. I have a thought... I am a charter fiber customer.. AND they use lots of 1918 address for management even some customer links. I have seen this on all the cable providers.. unlike Sprint/MCI/ATT they don't use 100% RW on all their equipment..
then they leak because the BGP is not filtering properly..
Uhm, incorrect.
A DNS lookup for a RFC1918 in-addr.arpa record is unrelated to BGP or BGP filters.
If you want to generate an RFC1918 in-addr.arpa query to the AS112 servers do the following
nslookup Default Server: localhost Address: 127.0.0.1
set querytype=any 10.in-addr.arpa Server: localhost Address: 127.0.0.1
Non-authoritative answer: 10.in-addr.arpa origin = prisoner.iana.org mail addr = hostmaster.root-servers.org serial = 2002040800 refresh = 1800 (30M) retry = 900 (15M) expire = 604800 (1W) minimum ttl = 604800 (1W)
Authoritative answers can be found from: 10.in-addr.arpa nameserver = BLACKHOLE-1.iana.org 10.in-addr.arpa nameserver = BLACKHOLE-2.iana.org BLACKHOLE-1.iana.org internet address = 192.175.48.6 BLACKHOLE-2.iana.org internet address = 192.175.48.42
Your query will then be included in John's statistics. You BGP filters will not stop it.
participants (1)
-
McBurnett, Jim