Re: 100.100.0.0/24
On 16/10/2012 11:37, Lowe, Richard B wrote: Kind of like the 192.0.2.1/32 for IPv4, huh? no - 192.0.2.0/24 is formally TEST-NET-1, documentation and examples, like 2001:db8::/32. 100::/64 is specifically for discard and analysis style RTBHs. I.e. for ipv6, you can now keep your documentation prefixes on your documentation. Nick RFC: 5635 -Original Message- From: Nick Hilliard [mailto:n...@foobar.org] Sent: Sunday, October 07, 2012 6:40 AM To: nanog@nanog.org Subject: Re: 100.100.0.0/24 On 07/10/2012 00:34, Randy Bush wrote: ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0 plug: rfc . 100::/64 is reserved for this purpose. Nick
Re: 100.100.0.0/24
On 07/10/2012 00:34, Randy Bush wrote: ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0 plug: rfc . 100::/64 is reserved for this purpose. Nick
Re: 100.100.0.0/24
On Fri, Oct 05, 2012 at 10:24:18AM -0500, Ben Bartsch wrote: use this: http://www.team-cymru.org/Services/Bogons/bgp.html Please tell me how I can configure my router to use that feed to automatically reject any bogon advertisements I receive from other BGP neigbhors. On Fri, Oct 5, 2012 at 10:18 AM, Jared Mauch ja...@puck.nether.net wrote: I suspect not everyone has updated their 'bogon' filters. I found a very minor gap in our filters, we are working on correcting it. -- Brett
Re: 100.100.0.0/24
http://www.team-cymru.org/Services/Bogons/bgp.html Please tell me how I can configure my router to use that feed to automatically reject any bogon advertisements I receive from other BGP neigbhors. you actually have to look at that web page
Re: 100.100.0.0/24
В 16:22 -0700 на 06.10.2012 (сб), Randy Bush написа: http://www.team-cymru.org/Services/Bogons/bgp.html Please tell me how I can configure my router to use that feed to automatically reject any bogon advertisements I receive from other BGP neigbhors. you actually have to look at that web page If you're seeing the same page, the configs and explanations there show how to drop packets destined to bogons, not routes. (I also want to know the answer to that question) -- Regards, Vasil Kolev signature.asc Description: This is a digitally signed message part
Re: 100.100.0.0/24
http://www.team-cymru.org/Services/Bogons/bgp.html Please tell me how I can configure my router to use that feed to automatically reject any bogon advertisements I receive from other BGP neigbhors. you actually have to look at that web page If you're seeing the same page, the configs and explanations there show how to drop packets destined to bogons, not routes. (I also want to know the answer to that question) then read the frelling page!!! http://www.team-cymru.org/Services/Bogons/bgp-examples.html#cisco-full-v4trans router bgp your asn ! Session 1 neighbor A.B.C.D remote-as 65332 neighbor A.B.C.D description your description neighbor A.B.C.D ebgp-multihop 255 neighbor A.B.C.D password your password ! Session 2 neighbor E.F.G.H remote-as 65332 neighbor E.F.G.H description your description neighbor E.F.G.H ebgp-multihop 255 neighbor E.F.G.H password your password ! address-family ipv4 ! Session 1 neighbor A.B.C.D activate neighbor A.B.C.D soft-reconfiguration inbound neighbor A.B.C.D prefix-list cymru-out-v4 out neighbor A.B.C.D route-map CYMRUBOGONS-V4 in ! Session 2 neighbor E.F.G.H activate neighbor E.F.G.H soft-reconfiguration inbound neighbor E.F.G.H prefix-list cymru-out-v4 out neighbor E.F.G.H route-map CYMRUBOGONS-V4 in ! address-family ipv6 ! Session 1 neighbor A.B.C.D activate neighbor A.B.C.D soft-reconfiguration inbound neighbor A.B.C.D prefix-list cymru-out-v6 out neighbor A.B.C.D route-map CYMRUBOGONS-V6 in ! Session 2 neighbor E.F.G.H activate neighbor E.F.G.H soft-reconfiguration inbound neighbor E.F.G.H prefix-list cymru-out-v6 out neighbor E.F.G.H route-map CYMRUBOGONS-V6 in ! ! Depending on IOS version, you may need to configure your router ! for new-style community syntax. ip bgp-community new-format ! ip community-list 100 permit 65332:888 ! ip route 192.0.2.1 255.255.255.255 Null0 ! ip prefix-list cymru-out-v4 seq 5 deny 0.0.0.0/0 le 32 ! ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0 ! ipv6 prefix-list cymru-out-v6 seq 5 deny ::/0 le 128 ! route-map CYMRUBOGONS-V6 permit 10 description IPv6 Filter bogons learned from cymru.com bogon route-servers match community 100 set ipv6 next-hop 2001:DB8:0:DEAD:BEEF::1 ! route-map CYMRUBOGONS-V4 permit 10 description IPv4 Filter bogons learned from cymru.com bogon route-servers match community 100 set ip next-hop 192.0.2.1
Re: 100.100.0.0/24
http://bgp.he.net/net/100.100.0.0/24#_bogon A surprising number of large transit ASes appear to be more than willing to accept this prefix from AS4847. a private address space leak? and propagated. i am deeply shocked. wtf did people think would happen? randy
Re: 100.100.0.0/24
On 10/5/12 5:08 AM, Randy Bush wrote: http://bgp.he.net/net/100.100.0.0/24#_bogon A surprising number of large transit ASes appear to be more than willing to accept this prefix from AS4847. a private address space leak? and propagated. i am deeply shocked. wtf did people think would happen? I'm unsurprised that not all filters are in place, more or less where they weren't however is another matter. by all accounts this has been advertised since 8/24. randy
Re: 100.100.0.0/24
On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote: by all accounts this has been advertised since 8/24. space allocated: 2012-03-13 that's 5 months and 11 days too long.
Re: 100.100.0.0/24
On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote: On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote: by all accounts this has been advertised since 8/24. space allocated: 2012-03-13 that's 5 months and 11 days too long. I suspect not everyone has updated their 'bogon' filters. I found a very minor gap in our filters, we are working on correcting it. - Jared
Re: 100.100.0.0/24
use this: http://www.team-cymru.org/Services/Bogons/bgp.html On Fri, Oct 5, 2012 at 10:18 AM, Jared Mauch ja...@puck.nether.net wrote: On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote: On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote: by all accounts this has been advertised since 8/24. space allocated: 2012-03-13 that's 5 months and 11 days too long. I suspect not everyone has updated their 'bogon' filters. I found a very minor gap in our filters, we are working on correcting it. - Jared
Re: 100.100.0.0/24
On 10/5/12 8:18 AM, Jared Mauch wrote: On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote: On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote: by all accounts this has been advertised since 8/24. space allocated: 2012-03-13 that's 5 months and 11 days too long. I suspect not everyone has updated their 'bogon' filters. I found a very minor gap in our filters, we are working on correcting it. I would imagine though I am open to other interpreations that, the root cause of the leak lies there as well. - Jared
Re: 100.100.0.0/24
Our issue is the templates were updated except for all but one type of device. If you see issues with 2914 folks can ping me off-list. - jared On Oct 5, 2012, at 11:24 AM, Ben Bartsch wrote: use this: http://www.team-cymru.org/Services/Bogons/bgp.html On Fri, Oct 5, 2012 at 10:18 AM, Jared Mauch ja...@puck.nether.net wrote: On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote: On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote: by all accounts this has been advertised since 8/24. space allocated: 2012-03-13 that's 5 months and 11 days too long. I suspect not everyone has updated their 'bogon' filters. I found a very minor gap in our filters, we are working on correcting it. - Jared
Re: 100.100.0.0/24
by all accounts this has been advertised since 8/24. space allocated: 2012-03-13 that's 5 months and 11 days too long. no one noticed the other leaks
100.100.0.0/24
http://bgp.he.net/net/100.100.0.0/24#_bogon A surprising number of large transit ASes appear to be more than willing to accept this prefix from AS4847. I'd be a lot happier if there were fewer. thanks joel
Re: 100.100.0.0/24
--- joe...@bogus.com wrote: From: joel jaeggli joe...@bogus.com http://bgp.he.net/net/100.100.0.0/24#_bogon A surprising number of large transit ASes appear to be more than willing to accept this prefix from AS4847. I'd be a lot happier if there were fewer. - To save others the time of looking it up... :-) http://tools.ietf.org/html/rfc6598 scott
Re: 100.100.0.0/24
On Thu, Oct 4, 2012 at 1:17 PM, joel jaeggli joe...@bogus.com wrote: http://bgp.he.net/net/100.100.0.0/24#_bogon A surprising number of large transit ASes appear to be more than willing to accept this prefix from AS4847. that took longer than expected. the internet has failed my expectations.
Re: 100.100.0.0/24
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 05 October 2012 12:04 AM, Christopher Morrow wrote: On Thu, Oct 4, 2012 at 1:17 PM, joel jaeggli joe...@bogus.com wrote: http://bgp.he.net/net/100.100.0.0/24#_bogon A surprising number of large transit ASes appear to be more than willing to accept this prefix from AS4847. that took longer than expected. the internet has failed my expectations. I learnt to use whois for such strange results! :) anurag@laptop:~$ whois 100.64.0.0 # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=100.64.0.0?showDetails=trueshowARIN=falseext=netref2 # NetRange: 100.64.0.0 - 100.127.255.255 CIDR: 100.64.0.0/10 OriginAS: NetName:SHARED-ADDRESS-SPACE-RFCTBD-IANA-RESERVED NetHandle: NET-100-64-0-0-1 Parent: NET-100-0-0-0-0 NetType:IANA Special Use Comment:This block is used as Shared Address Space. Traffic from these addresses does not come from IANA. IANA has simply reserved these numbers in its database and does not use or operate them. We are not the source of activity you may see on logs or in e-mail records. Please refer to http://www.iana.org/abuse/ Comment: Comment:Shared Address Space can only be used in Service Provider networks or on routing equipment that is able to do address translation across router interfaces when addresses are identical on two different interfaces. Comment: Comment:This block was assigned by the IETF in the Best Current Practice document, Comment:RFC 6598 which can be found at: Comment:http://tools.ietf.org/html/rfc6598 RegDate:2012-03-13 Updated:2012-04-23 Ref:http://whois.arin.net/rest/net/NET-100-64-0-0-1 - -- Anurag Bhatia http://anuragbhatia.com Twitter: @anurag_bhatia Skype: anuragbhatia.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJQbiVaAAoJEPnIYygGLJNaV18H/Rg/TJiMhh6QbYHX04JFLQ1V UOd0ihW128qpKllFMuqmwkeBFF2psPqrSdCBGqk+J1CQtgmcgwPNUaebVzoijaa/ kuPBMJNod6DhIiwKSZlkWkL5cF7buhh+E0neT4LMHsE/qVxgXEYZF/Z0OWR1L71e 38xw8Nx2javtXcBlpPbMDriFekmv4B1tSw9R4aHDJolquYmjZzBpOSj8EAX5hYLW vj7nc6SYp5lGuwgbSYCwPZvIXN0Olt/puuabeVFRXbwKWml/wScAunBIbCoP/n2G gT1MdVpcMnsBj1ZJC/fIy70Wlu/6d7z4hq8OMosLXZ3ayrmCU0QAslr6GUOhYz0= =RUOc -END PGP SIGNATURE-