Rob Thomas wrote:
Hi, listfolk.
TelstraClear has recently been allocated 121.72.0.0/15 by APNIC. I'm aware that this range used to be covered by some bogon filters, so can I ask that people please check their bogon lists are up to date, or better yet make use of the BGP fed bogon list from the nice folks at cymru.
We're happy to provide peering with our bogon route-servers, or a number of other bogon list options. :)
And contrary to popular assumption, this doesn't open your network to random null routes being added by an external party. Peer with the cymru bogon routers, set a prefix list (or whatever your vendor calls it) to only allow the bogon network you are aware of at the time. Again, common assumption here is wrong, you do still gain. The gain here, is whenever someone legitimately starts using one of these networks, your routers loose the null route from cymru and start accepting traffic to those prefixes, a few weeks later you can remove the now-legit network from your cymru prefix list. If new bogon networks are listed, you'll have to update your prefix lists for the cymru BGP sessions to allow them, though. How often does that happen, though? A good idea is to have one or two boxes in your network that peer with cymru, and redistribute the info to whichever routers you feel need it. Bonus: You just bought yourself a BGP triggered traffic blackhole solution. -- Nathan Ward