[c-nsp] dropping traffic for RFC3330 networks

Dan Armstrong dan at beanfield.com
Mon Aug 28 21:57:02 EDT 2006


On a related note to this..... what are people's opinions about null 
routing vs. ACLing  bogons?



Jay Ford wrote:

>On Mon, 28 Aug 2006 lee.e.rian at census.gov wrote:
>  
>
>>Are there any routes that should be added or removed from this list?
>>
>>ip route 0.0.0.0       255.0.0.0     null0
>>ip route 10.0.0.0      255.0.0.0     null0
>>ip route 127.0.0.0     255.0.0.0     null0
>>ip route 128.0.0.0     255.0.0.0     null0
>>ip route 169.254.0.0   255.255.0.0   null0
>>ip route 172.16.0.0    255.255.0.0   null0
>>ip route 191.255.0.0   255.255.0.0   null0
>>ip route 192.0.0.0     255.255.255.0 null0
>>ip route 192.0.2.0     255.255.255.0 null0
>>ip route 192.168.0.0   255.255.0.0   null0
>>ip route 198.18.0.0    255.254.0.0   null0
>>ip route 223.255.255.0 255.255.255.0 null0
>>ip route 240.0.0.0     240.0.0.0     null0
>>    
>>
>
>That list looks a bit broken to me.
>
>The "128.0.0.0 255.0.0.0" will kill many valid addresses (including mine).
>Perhaps it should be "128.0.0.0 255.255.0.0", so it just kills 128.0.0.0/16?
>
>The "172.16.0.0 255.255.0.0" should be "172.16.0.0 255.240.0.0".
>
>There might be other errors.  Those are just the ones that jumped out at me.
>
>________________________________________________________________________
>Jay Ford, Network Engineering Group, Information Technology Services
>University of Iowa, Iowa City, IA 52242
>email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>  
>




More information about the cisco-nsp mailing list