Re: [nsp] RFC2544 RE: Filter subnets

From: Bill Manning (bmanning@zed.isi.edu)
Date: Sat Dec 09 2000 - 00:34:02 EST


% >I noticed neither of you included /24's of major exchange points in
% >your filters, such as 192.41.177/24 [MAE-E], 195.66.224/23 [LINX],
% >and a long list of others. It is common practice to filter these
% >both from customers and from peers, at least for the exchange
% >points your network directly connects to.
%
% Would you like to post a list of these? I can put them in IOS Essentials,
% if people would find this useful? (I'd have thought the recommendation of
% filtering your directly connected exchanges would be easiest - keeping
% track of the address space of all the exchange points around the world
% would be a hard...?)

        Well, I try to keep up w/ it. There is a fair amount of churn
        so keeping these in a published list is not such a good idea,
        at least from what I have seen.

% >Also, having recently used IANA reserved RFC 2544 space in some
% >lab evaluation, I was kind of surprised to realize no one seems to
% >include it in their bogon filters, including a former large ISP
% >employer. I believe the history of this allocation was a direct
% >reaction to a 1998 Internet meltdown that resulted from a provider's
% >test BGP scenario that leaked.
%
% I'm not sure that many people know about RFC1944/RFC2544 space. Both RFCs
% list the address block incorrectly (192.18/15 in 1944, and 192.18/16 thru
% 198.19/16 in 2544!!!), and it isn't even clear from the ARIN record that
% this really does belong to the BMWG...

        It does not "belong" to the BMWG (remember that WG are supposed
        to be ephemeral) and is not IANA reserved. The prefix, as listed
        in the ARIN db, is delegated to Harvard University. Its listing
        in RFC 2544 shows a desired intent that, if it is to be earmarked
        for special use, should have Harvard, or its designated representative
        work with ARIN and ICANN to "re-label" the prefix as such.

% philip

        Filtering as-yet prefix ranges that the IANA has not delegated
        is problematic. There is a draft, based on the expired DSUA
        draft (Documenting Special Use Addresses) which tries to update
        the old "Martian" list of prefixes which should be properly filtered
        in the Internet. Due to the cutoff period, you won't see the draft
        until after the IETF.
        

-- 
--bill


