[nsp] Bogon Addresses
Haesu
haesu at towardex.com
Thu Oct 23 16:17:31 EDT 2003
Put up a sinkhole on your network and run feel free to run all types of analyzers on it, including but not limited to: snort, rrdtool, tcpdump, mrtg, et al.
If you have a fairly large sized network with multiple POPs, consider anycasting your sinkholes.
And... route all the bogons to sinkholes.. set next-hop to sinkhole anycast/unicast addr (whichever u use either anycast or unicast).
-hc
--
Haesu C.
TowardEX Technologies, Inc.
Consulting, colocation, web hosting, network design and implementation
http://www.towardex.com | haesu at towardex.com
Cell: (978)394-2867 | Office: (978)263-3399 Ext. 170
Fax: (978)263-0033 | POC: HAESU-ARIN
On Wed, Oct 22, 2003 at 08:06:59AM +0300, M.Palis wrote:
> It was a nice discussion concerning Bogon Addresses. We finally implementing
> it on our network in conjunction with vrf forwarding and I think every ISP
> should do so in order to minimize DoS attacks and other attacks.
>
> What I am interesting about is whether their is a way to get some
> statistics on my routers about the traffic that is dropped due to bogon
> addresses.
> Does someone of you get such statistics and if yes how?
>
> Regards
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list