For those not familiar with the term Bogon IPs they are basically IP address blocks that haven't been allocated or have been reserved by IANA. In a nutshell they are not to be used by anyone on the public Internet. They could be reserved due to RFC requirements, special use designations and a host of other reasons but basically you should never see them on the Internet.
What is tough about them is that they do change! So if you plan to use ACL's to protect your routers make sure you check back with the Bogon IPs site to make sure you aren't blocking legit traffic.
They provide some really great templates on the site to allow you to build ACL's very quickly and you can pick and choose how much you want from their list depending on your requirements. In addition, they have a very neat idea which is blocking bogons using DNS lists (like a realtime blackhole list) and you can even do BGP peering with them where they basically blackhole all the BOGON IPs on the net for you. There are some limitations and holes in that method but overall its a pretty cool solution, especially if you are running BGP as an end user (non transit).
- Ed
No comments:
Post a Comment