RE: Bogon Filter - Please check for 77/8 78/8 79/8
-> We have this source: http://www.iana.org/assignments/ipv4-address-space -> We "source" URLs for each of the RIRs in the prefix filter templates: ftp://ftp-eng.cisco.com/cons/isp/security/Ingress-Prefix-Filter-Template s/ http://www.cymru.com/gillsr/documents/junos-isp-prefix-filter-loose.htm http://www.cymru.com/gillsr/documents/junos-isp-prefix-filter-strict.htm -> We have the Bogon Router Server: http://www.cymru.com/BGP/bogon-rs.html -> We have the RIPE project to help with the migration: http://www.ris.ripe.net/debogon/ -> We have the RADB Filters: http://www.radb.net/cgi-bin/radb/whois.cgi?obj=MAINT-BOGON-FILTERS -> We have the RIPE DB Filters: http://www.ripe.net/perl/whois?searchtext=MAINT-BOGON-FILTERS&form_type= simple -> And there is DNS and E-mail notifications ...... All of this is listed at http://www.cymru.com/Bogons/index.html So what would be helpful are people who say "I've done everything (or some of the things) off the Bogon Team page and think there is a better way." The core problem right now are that too many organizations are doing nothing to maintain policy once that policy choice has been selected.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of David Conrad Sent: Thursday, December 14, 2006 4:50 PM To: Michael.Dillon@btradianz.com Cc: nanog@merit.edu Subject: Re: Bogon Filter - Please check for 77/8 78/8 79/8
Hi,
or LDAP could be used ...
I was wondering when this would show up... :-)
If IANA and the RIRs would step up to the plate and provide an authoritative data source identifying which address ranges have been issued for use on the Internet then bogon lists would not be needed at all. ... IANA would be the authoritative source for stuff like RFC 1918 address ranges and other non-RIR ranges.
IANA has a project along these lines at the earliest stage of development (that is, we're trying to figure out if this is a good idea and if so, the best way to implement it). I'd be interested in hearing opinions (either publicly or privately) as to what IANA should do here.
One wonders whether it might not be more effective in the long run to sue ICANN/IANA rather than suing completewhois.com.
Sigh. What is the IOS command to disable lawyers again?
Rgds, -drc
Barry Greene (bgreene) wrote: [..list of good things..]
So what would be helpful are people who say "I've done everything (or some of the things) off the Bogon Team page and think there is a better way." The core problem right now are that too many organizations are doing nothing to maintain policy once that policy choice has been selected.
As Esmerelda the frog would say: S-BGP (*1) is the better way. Any ideas when Cisco is going to drink the cool-aid to get hooked in that and provide that to it's users? (Although one source told me that Cisco is not more the king of the core internet and that it got taken over by another vendor who should set steps in that direction first..) Of course the steps that sidr(*2) is taking is also a step in the right direction, but might be quite a slow one when people wanted this almost 10 years ago(*3) but that is the internet it seems. Running code is important, but clearly not when it could hurt people's pockets or when there is no real actual interest in solving this problem. That seems to be the real core problem: There is enough money being earned by being able to announce bogon routes and there is not enough money that can be earned back by upgrading hardware/software to implement those checks. Marketing 101 it seems, nothing technical to see here. The policy can be handled by a limited amount of organizations: IANA & the RIR's, there is only 6 of them, of which APNIC, with much thanks to the efforts by Geoff Huston(*4) doing experiments already. Greets, Jeroen *1) http://www.ir.bbn.com/sbgp/ *2) http://www.ietf.org/html.charters/sidr-charter.html *3) http://www.ir.bbn.com/sbgp/s-bgp-briefing/sld003.htm *4) http://kahuna.telstra.net/presentations/2006-11-27-route-secure.pdf http://kahuna.telstra.net/presentations/2006-11-03-caida-wide.pdf and others: http://kahuna.telstra.net/presentations/index.html
participants (2)
-
Barry Greene (bgreene) -
Jeroen Massar