Re: 100.100.0.0/24

[Nick Hilliard]

On 16/10/2012 11:37, Lowe, Richard B wrote:
 Kind of like the 192.0.2.1/32 for IPv4, huh?

no - 192.0.2.0/24 is formally TEST-NET-1, documentation and examples,
like 2001:db8::/32.

100::/64 is specifically for discard and analysis style RTBHs.  I.e. for
ipv6, you can now keep your documentation prefixes on your documentation.

Nick

 RFC: 5635
 
 -Original Message-
 From: Nick Hilliard [mailto:n...@foobar.org] 
 Sent: Sunday, October 07, 2012 6:40 AM
 To: nanog@nanog.org
 Subject: Re: 100.100.0.0/24
 
 On 07/10/2012 00:34, Randy Bush wrote:
 ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0
 
 plug: rfc .
 
 100::/64 is reserved for this purpose.
 
 Nick
 
 
 
 

Re: 100.100.0.0/24

[Nick Hilliard]

On 07/10/2012 00:34, Randy Bush wrote:
 ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0

plug: rfc .

100::/64 is reserved for this purpose.

Nick

Re: 100.100.0.0/24

[Brett Frankenberger]

On Fri, Oct 05, 2012 at 10:24:18AM -0500, Ben Bartsch wrote:
 use this:
 
 http://www.team-cymru.org/Services/Bogons/bgp.html

Please tell me how I can configure my router to use that feed to
automatically reject any bogon advertisements I receive from other BGP
neigbhors.

 On Fri, Oct 5, 2012 at 10:18 AM, Jared Mauch ja...@puck.nether.net wrote:
 
  I suspect not everyone has updated their 'bogon' filters.  I found a very
  minor gap in our filters, we are working on correcting it.

 -- Brett

Re: 100.100.0.0/24

[Randy Bush]

 http://www.team-cymru.org/Services/Bogons/bgp.html
 Please tell me how I can configure my router to use that feed to
 automatically reject any bogon advertisements I receive from other BGP
 neigbhors.

you actually have to look at that web page

Re: 100.100.0.0/24

[Vasil Kolev]

В 16:22 -0700 на 06.10.2012 (сб), Randy Bush написа:
  http://www.team-cymru.org/Services/Bogons/bgp.html
  Please tell me how I can configure my router to use that feed to
  automatically reject any bogon advertisements I receive from other BGP
  neigbhors.
 
 you actually have to look at that web page
 

If you're seeing the same page, the configs and explanations there show
how to drop packets destined to bogons, not routes.

(I also want to know the answer to that question)

-- 
Regards,
Vasil Kolev


signature.asc
Description: This is a digitally signed message part

Re: 100.100.0.0/24

[Randy Bush]

 http://www.team-cymru.org/Services/Bogons/bgp.html
 Please tell me how I can configure my router to use that feed to
 automatically reject any bogon advertisements I receive from other BGP
 neigbhors.
 
 you actually have to look at that web page
 
 If you're seeing the same page, the configs and explanations there show
 how to drop packets destined to bogons, not routes.
 
 (I also want to know the answer to that question)

then read the frelling page!!!

http://www.team-cymru.org/Services/Bogons/bgp-examples.html#cisco-full-v4trans

router bgp your asn
 ! Session 1
 neighbor A.B.C.D remote-as 65332
 neighbor A.B.C.D description your description
 neighbor A.B.C.D ebgp-multihop 255
 neighbor A.B.C.D password your password
 ! Session 2
 neighbor E.F.G.H remote-as 65332
 neighbor E.F.G.H description your description
 neighbor E.F.G.H ebgp-multihop 255
 neighbor E.F.G.H password your password
!
 address-family ipv4
  ! Session 1
  neighbor A.B.C.D activate
  neighbor A.B.C.D soft-reconfiguration inbound
  neighbor A.B.C.D prefix-list cymru-out-v4 out
  neighbor A.B.C.D route-map CYMRUBOGONS-V4 in
  ! Session 2
  neighbor E.F.G.H activate
  neighbor E.F.G.H soft-reconfiguration inbound
  neighbor E.F.G.H prefix-list cymru-out-v4 out
  neighbor E.F.G.H route-map CYMRUBOGONS-V4 in
!
 address-family ipv6
  ! Session 1
  neighbor A.B.C.D activate
  neighbor A.B.C.D soft-reconfiguration inbound
  neighbor A.B.C.D prefix-list cymru-out-v6 out
  neighbor A.B.C.D route-map CYMRUBOGONS-V6 in
  ! Session 2
  neighbor E.F.G.H activate
  neighbor E.F.G.H soft-reconfiguration inbound
  neighbor E.F.G.H prefix-list cymru-out-v6 out
  neighbor E.F.G.H route-map CYMRUBOGONS-V6 in
!
! Depending on IOS version, you may need to configure your router
! for new-style community syntax.
ip bgp-community new-format
!
ip community-list 100 permit 65332:888
!
ip route 192.0.2.1 255.255.255.255 Null0
!
ip prefix-list cymru-out-v4 seq 5 deny 0.0.0.0/0 le 32
!
ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0
!
ipv6 prefix-list cymru-out-v6 seq 5 deny ::/0 le 128
!
route-map CYMRUBOGONS-V6 permit 10
description IPv6 Filter bogons learned from cymru.com bogon route-servers
match community 100
set ipv6 next-hop 2001:DB8:0:DEAD:BEEF::1
!
route-map CYMRUBOGONS-V4 permit 10
description IPv4 Filter bogons learned from cymru.com bogon route-servers
match community 100
set ip next-hop 192.0.2.1

Re: 100.100.0.0/24

[Randy Bush]

 http://bgp.he.net/net/100.100.0.0/24#_bogon
 
 A surprising number of large transit ASes appear to be more than willing 
 to accept this prefix from AS4847.

a private address space leak?  and propagated.  i am deeply shocked.

wtf did people think would happen?

randy

Re: 100.100.0.0/24

[joel jaeggli]

On 10/5/12 5:08 AM, Randy Bush wrote:

http://bgp.he.net/net/100.100.0.0/24#_bogon

A surprising number of large transit ASes appear to be more than willing
to accept this prefix from AS4847.

a private address space leak?  and propagated.  i am deeply shocked.

wtf did people think would happen?
I'm unsurprised that not all filters are in place, more or less where 
they weren't however is another matter.


by all accounts this has been advertised since 8/24.


randy

Re: 100.100.0.0/24

[Christopher Morrow]

On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote:

 by all accounts this has been advertised since 8/24.

space allocated: 2012-03-13
that's 5 months and 11 days too long.

Re: 100.100.0.0/24

[Jared Mauch]

On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote:

 On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote:
 
 by all accounts this has been advertised since 8/24.
 
 space allocated: 2012-03-13
 that's 5 months and 11 days too long.

I suspect not everyone has updated their 'bogon' filters.  I found a very minor 
gap in our filters, we are working on correcting it.

- Jared

Re: 100.100.0.0/24

[Ben Bartsch]

use this:

http://www.team-cymru.org/Services/Bogons/bgp.html


On Fri, Oct 5, 2012 at 10:18 AM, Jared Mauch ja...@puck.nether.net wrote:


 On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote:

  On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote:
 
  by all accounts this has been advertised since 8/24.
 
  space allocated: 2012-03-13
  that's 5 months and 11 days too long.

 I suspect not everyone has updated their 'bogon' filters.  I found a very
 minor gap in our filters, we are working on correcting it.

 - Jared

Re: 100.100.0.0/24

[joel jaeggli]

On 10/5/12 8:18 AM, Jared Mauch wrote:

On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote:


On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote:


by all accounts this has been advertised since 8/24.

space allocated: 2012-03-13
that's 5 months and 11 days too long.

I suspect not everyone has updated their 'bogon' filters.  I found a very minor 
gap in our filters, we are working on correcting it.
I would imagine though I am open to other interpreations that, the root 
cause of the leak lies there as well.

- Jared

Re: 100.100.0.0/24

[Jared Mauch]

Our issue is the templates were updated except for all but one type of device.

If you see issues with 2914 folks can ping me off-list.

- jared

On Oct 5, 2012, at 11:24 AM, Ben Bartsch wrote:

 use this:
 
 http://www.team-cymru.org/Services/Bogons/bgp.html
 
 
 On Fri, Oct 5, 2012 at 10:18 AM, Jared Mauch ja...@puck.nether.net wrote:
 
 On Oct 5, 2012, at 11:07 AM, Christopher Morrow wrote:
 
  On Fri, Oct 5, 2012 at 8:29 AM, joel jaeggli joe...@bogus.com wrote:
 
  by all accounts this has been advertised since 8/24.
 
  space allocated: 2012-03-13
  that's 5 months and 11 days too long.
 
 I suspect not everyone has updated their 'bogon' filters.  I found a very 
 minor gap in our filters, we are working on correcting it.
 
 - Jared
 

Re: 100.100.0.0/24

[Randy Bush]

 by all accounts this has been advertised since 8/24.
 space allocated: 2012-03-13
 that's 5 months and 11 days too long.

no one noticed the other leaks

100.100.0.0/24

[joel jaeggli]

http://bgp.he.net/net/100.100.0.0/24#_bogon

A surprising number of large transit ASes appear to be more than willing 
to accept this prefix from AS4847.


I'd be a lot happier if there were fewer.

thanks
joel

Re: 100.100.0.0/24

[Scott Weeks]

--- joe...@bogus.com wrote:
From: joel jaeggli joe...@bogus.com

http://bgp.he.net/net/100.100.0.0/24#_bogon

A surprising number of large transit ASes appear to be more than willing 
to accept this prefix from AS4847.

I'd be a lot happier if there were fewer.
-



To save others the time of looking it up... :-)

http://tools.ietf.org/html/rfc6598

scott

Re: 100.100.0.0/24

[Christopher Morrow]

On Thu, Oct 4, 2012 at 1:17 PM, joel jaeggli joe...@bogus.com wrote:
 http://bgp.he.net/net/100.100.0.0/24#_bogon

 A surprising number of large transit ASes appear to be more than willing to
 accept this prefix from AS4847.

that took longer than expected.
the internet has failed my expectations.

Re: 100.100.0.0/24

[Anurag Bhatia]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Friday 05 October 2012 12:04 AM, Christopher Morrow wrote:
 On Thu, Oct 4, 2012 at 1:17 PM, joel jaeggli joe...@bogus.com wrote:
 http://bgp.he.net/net/100.100.0.0/24#_bogon

 A surprising number of large transit ASes appear to be more than
willing to
 accept this prefix from AS4847.

 that took longer than expected.
 the internet has failed my expectations.

I learnt to use whois for such strange results! :)


anurag@laptop:~$ whois 100.64.0.0
#
# The following results may also be obtained via:
#
http://whois.arin.net/rest/nets;q=100.64.0.0?showDetails=trueshowARIN=falseext=netref2
#

NetRange:   100.64.0.0 - 100.127.255.255
CIDR:   100.64.0.0/10
OriginAS:
NetName:SHARED-ADDRESS-SPACE-RFCTBD-IANA-RESERVED
NetHandle:  NET-100-64-0-0-1
Parent: NET-100-0-0-0-0
NetType:IANA Special Use
Comment:This block is used as Shared Address Space. Traffic from
these addresses does not come from IANA. IANA has simply reserved these
numbers in its database and does not use or operate them. We are not the
source of activity you may see on logs or in e-mail records. Please
refer to http://www.iana.org/abuse/
Comment: 
Comment:Shared Address Space can only be used in Service
Provider networks or on routing equipment that is able to do address
translation across router interfaces when addresses are identical on two
different interfaces.
Comment: 
Comment:This block was assigned by the IETF in the Best Current
Practice document,
Comment:RFC 6598 which can be found at:
Comment:http://tools.ietf.org/html/rfc6598
RegDate:2012-03-13
Updated:2012-04-23
Ref:http://whois.arin.net/rest/net/NET-100-64-0-0-1




- -- 
Anurag Bhatia
http://anuragbhatia.com
Twitter: @anurag_bhatia
Skype: anuragbhatia.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJQbiVaAAoJEPnIYygGLJNaV18H/Rg/TJiMhh6QbYHX04JFLQ1V
UOd0ihW128qpKllFMuqmwkeBFF2psPqrSdCBGqk+J1CQtgmcgwPNUaebVzoijaa/
kuPBMJNod6DhIiwKSZlkWkL5cF7buhh+E0neT4LMHsE/qVxgXEYZF/Z0OWR1L71e
38xw8Nx2javtXcBlpPbMDriFekmv4B1tSw9R4aHDJolquYmjZzBpOSj8EAX5hYLW
vj7nc6SYp5lGuwgbSYCwPZvIXN0Olt/puuabeVFRXbwKWml/wScAunBIbCoP/n2G
gT1MdVpcMnsBj1ZJC/fIy70Wlu/6d7z4hq8OMosLXZ3ayrmCU0QAslr6GUOhYz0=
=RUOc
-END PGP SIGNATURE-