[c-nsp] dropping traffic for RFC3330 networks

Paul Stewart pstewart at nexicomgroup.net
Mon Aug 28 22:09:28 EDT 2006 

We've been running a BGP multihop session with the folks at Team Cymru
for quite some time (until recently due to network topology changes -
coming back in future).. Works great and very effective...;) We just
null route the routes they send us...

Paul Stewart
Network Administrator
Nexicom Inc.
http://www.nexicom.net/ 

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan Armstrong
Sent: Monday, August 28, 2006 9:57 PM
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] dropping traffic for RFC3330 networks

On a related note to this..... what are people's opinions about null
routing vs. ACLing  bogons?



Jay Ford wrote:

>On Mon, 28 Aug 2006 lee.e.rian at census.gov wrote:
>  
>
>>Are there any routes that should be added or removed from this list?
>>
>>ip route 0.0.0.0       255.0.0.0     null0
>>ip route 10.0.0.0      255.0.0.0     null0
>>ip route 127.0.0.0     255.0.0.0     null0
>>ip route 128.0.0.0     255.0.0.0     null0
>>ip route 169.254.0.0   255.255.0.0   null0
>>ip route 172.16.0.0    255.255.0.0   null0
>>ip route 191.255.0.0   255.255.0.0   null0
>>ip route 192.0.0.0     255.255.255.0 null0
>>ip route 192.0.2.0     255.255.255.0 null0
>>ip route 192.168.0.0   255.255.0.0   null0
>>ip route 198.18.0.0    255.254.0.0   null0
>>ip route 223.255.255.0 255.255.255.0 null0
>>ip route 240.0.0.0     240.0.0.0     null0
>>    
>>
>
>That list looks a bit broken to me.
>
>The "128.0.0.0 255.0.0.0" will kill many valid addresses (including
mine).
>Perhaps it should be "128.0.0.0 255.255.0.0", so it just kills
128.0.0.0/16?
>
>The "172.16.0.0 255.255.0.0" should be "172.16.0.0 255.240.0.0".
>
>There might be other errors.  Those are just the ones that jumped out
at me.
>
>_______________________________________________________________________
_
>Jay Ford, Network Engineering Group, Information Technology Services
>University of Iowa, Iowa City, IA 52242
>email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>  
>


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list