Hi Michel,

Thank you for your valuable information! Per the experience of RFC 7999, maybe it is better to use 65535:888 to implement the function of ASN:888?

Regards,
Shunwan

-----Original Message-----
From: Michel Py [mailto:[email protected]]
Sent: Tuesday, August 10, 2021 10:28 AM
To: Zhuangshunwan <[email protected]>; Sriram, Kotikalapudi (Fed) <[email protected]>
Cc: IDR <[email protected]>; GROW WG <[email protected]>
Subject: RE: some questions from {RC, LC, EC} analysis presentation in GROW

> Zhuangshunwan wrote :
> then if other communities "ASN:666" are widespread in the wild

They are. I am the operator of one of the largest ASN:666 BGP blacklist feeds; in the past, I have opposed the standardization of ASN:666 because the text was too vague.

Long story made short : there is not enough separation between source-based BGP blacklists and destination-based ones. As of now, it appears to me that destination-based ASN:666 communities are becoming a de-facto standard; which means that my own source-based ASN:666 BGP feed needs to adopt another community.

I suggest that, if some standardization effort is to take place again, the ASN:666 scheme is used for destination-based BGP blacklist feeds, and that the ASN:888 scheme is used for source-based BGP blacklist feeds. In there, I am happy to follow the lead of Team Cymru in their bogon BGP feed, which is the origin of all BGP blacklist feeds.

https://team-cymru.com/community-services/bogon-reference/bogon-reference-bgp/

In other words : the :666 community shall be used when one wants to blacklist one's own prefixes (possibly a /32), a destination-based blacklist. While the :888 community shall be used when one wants to blacklist an IP address by the source, which means a high level of trust in the feed, as any contributor to said feed has potentially the ability to blacklist a source IP.

Respectfully submitted.
Michel.

_______________________________________________
GROW mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/grow
