Hi Kurt, At 22:05 16/06/00 +0200, Kurt Kayser wrote:
Hi,
I'm trying to get rid of the section called 'Advertised IANA Reserved Addresses' in the 'RIPE NCC Region Weekly Routing Report'. <snip> If we want to try get some of this stuff out of the backbone and even decrease some (unnecessary) BGP-traffic, why not publish a 'ingress BGP-filterlist' that is endorsed by the RIPE-wg, RIPE or the community at large?
How about http://www.ietf.org/internet-drafts/draft-manning-dsua-03.txt which is a very good start for a list which should be applied on all external BGP peerings (inbound and outbound). A draft I would certainly like to see as a BCP RFC.... Maybe this working group could consider something like this as a recommendation to "the community", like RIPE-210 flap dampening parameters?
What it basically does is:
1. Reject illegal prefixes (127/8, 0/0, RFC1918, etc.) 2. Log orginiators (if wanted) 3. Decrease SPAM-complaints 4. Prevent abuse
It's low on CPU (it's no IP filter-list!), just a BGP-ingress filter.
I could post a Cisco prefix-filter list based on Bill Manning's draft, if that would help. It would certainly help with 1 and 2. It may also be a service if ISPs with Cisco routers could apply "bgp neigh <x> remove-private-AS" on eBGP peerings so that origin private ASes (>64511) aren't leaked to the Internet.
I have even added some prefix-length filter, but this is another topic, and depends on your upstream's policy. (I just can't stand /32s in the table!).
Some ISPs go as far as filtering on the regional registries minimum allocation sizes, and the unused former A space. However, I think this needs a little more diligence in following changes in registry policy (APNIC recently moved from /19 to /20), any address space returned to the common pool, and any new /8s being allocated to registries for distribution purposes. Happily the announcements are much cleaner this week (certainly from the view used in producing the weekly routing reports). This morning I only saw the attached. philip -- List of Illegal AS's (Global) ----------------------------- Bad AS Designation Network Transit AS Description 64602 PRIVATE 63.236.57.0/24 209 Qwest 64601 PRIVATE 63.236.90.0/24 209 Qwest 64513 PRIVATE 200.12.17.0/24 6471 ENTEL CHILE S.A. 65014 PRIVATE 208.185.113.0/24 6461 AboveNet Communicati Advertised IANA Reserved Addresses ---------------------------------- Network Origin AS Description 39.96.40.224/30 14408 iCAIR 65.56.64.0/21 2941 Community News Service -------------------------------------------------------- Philip Smith ph: +61 7 3238 8200 Consulting Engineering, Office of the CTO, Cisco Systems --------------------------------------------------------