On 1/07/2007, at 3:17 AM, Alastair Johnson wrote:
Nathan Ward wrote:
On 1/07/2007, at 1:27 AM, Alastair Johnson wrote:
range of say /8 to /24, you have the POTENTIAL for mass injection of prefixes.
Why would you accept a range? I'd just accept the shortest prefix, if a longer prefix is de-bogoned it just means you don't count the still-bogon part as bogon until you update those filters. Think of it as a way to shorten bogon lists only, not modify them. Sure you don't get full coverage for a bit, but you certainly get more than just not filtering at all.
Fair point; but you're introducing additional touch requirements to your network devices, and you lose out on some usefulness of your bogon filtering, if say, 96/6 suddenly has one of those /8's de-bogoned.
Well, you only introduce as much touch as you'd have to in order to do manual bogon filtering, and you can limit the impact of that by doing the central box thing.
If you're prepared to have your bogon filter value deteriorate like that, then I would have to question their value at all.
We can call it nearly-bogon-filtering, which will /totally/ legitimise it.
Up to the network operator -- some are risk averse (me, these days), some are not.
You're just old and crabby ;-P
The solution to a number of the "third party is scary" problems here is simply using BGP triggered blackholes to do this internally, and make sure you pay really really close attention to the mailing lists, or maybe rig up something so when Cymru change their announcements you get a notification, or perhaps it drops it into your table after a few hours of delay.
Again, good options. Probably not something I'll be doing, though. *I* do not see the value for the operational overhead and additional network-touch required.
Yeah, I guess I don't care either way, but some data on the matter would be interesting. Rob, you're in a non-sleeping timezone (or you're up late like the rest of us), do you have anything?

--
Nathan Ward