Re: Definition/Classification of Bogon

2018-07-24 Thread Hank Nussbacher 
On 25/07/2018 05:37, Aftab Siddiqui wrote:
> Exactly, getting the right and updated info is so tricky that people only
> filter Private+Reserved ASNs. Because of the same reason more than 600
> unallocated ASNs are in the routing table as per the CIDR-Report.
>
> Wouldn't that be simple to parse the list and start updating filters on
> daily basis? I understand its troublesome for big operators. I've just
> started this so lets see what happens :) but I can tell that the diff on
> file created every night isn't much (around 10-20).
>
> http://www.cidr-report.org/as2.0/#Bogons
>
Been there, done that - 15 years ago with Barry:
https://www.nanog.org/meetings/nanog27/presentations/hank.pdf
IPs, ASNs, it don't matter...no one gives a sh*t.  Not today, not 15
years ago.
Nowadays, the bible on being a good ISPs is defined by MANRS and if it
don't appear there then you and I are clearly delusional.

-Hank

Re: Definition/Classification of Bogon

2018-07-24 Thread Aftab Siddiqui 
Hi Bill,

On Tue, 24 Jul 2018 at 23:03 William Herrin  wrote:

> On Tue, Jul 24, 2018 at 7:24 AM, Aftab Siddiqui
>  wrote:
> > Q - Generally, Private or Reserved ASNs are considered as Bogon ASN but
> > what about unallocated ASNs?
>
> Hi Aftab,
>
> You can reasonably think of a bogon as any Internet number resource
> which according to the registration authority should not appear on
> whatever network is at issue.
>

Perfect definition. I have the same opinion. BUT

> Q - Is there any RFC (or even draft) which classify unallocated ASNs as
> > Bogon as well?
>
> The RFCs offer guidelines and conventions in this, not hard rules. It
> would be an error to treat them as hard rules.
>

Recently, during a discussion with few decent size service providers who
pointed me to RFC3871 suggesting that the word Bogon is for "IP resources"
only. Hence, I asked this question here.


> > Q - In the above scenario when an RIR deregister a resource (IPv4/v6 or
> > ASN) due to any disagreement (sometimes deregistration happens because of
> > non-payment and can be resolved in a few days/weeks). How long should a
> > service provider wait to mark them as bogon and stop advertising or
> > accepting it?
>
> In my opinion: until the customer stops paying you or the authority
> assigns the resource to someone else. As long as the resource was
> properly assigned to the customer when they started advertising it,
> there's no real angle to forcibly ending it sooner.


This is the current practice though it isn't the best one.

Re: Definition/Classification of Bogon

2018-07-24 Thread Aftab Siddiqui 
Hi,

On Wed, 25 Jul 2018 at 06:12 Radu-Adrian Feurdean <
na...@radu-adrian.feurdean.net> wrote:

> On Tue, Jul 24, 2018, at 13:24, Aftab Siddiqui wrote:
> > Q - Generally, Private or Reserved ASNs are considered as Bogon ASN but
> > what about unallocated ASNs?
>
> If you don't have an automated update process running at decent time
> intervals (one week or more often, under no circumstance less than once a
> month) and you don't have processes in place that monitor that updates do
> happen properly with some corrective action being done when they don't -
> then stick with private or reserved.
>
> If you do have everything needed, and are aware that what is unallocated
> today may be allocated tomorrow, then you can (should) go with
> private+reserved+unallocated option.
>

Exactly, getting the right and updated info is so tricky that people only
filter Private+Reserved ASNs. Because of the same reason more than 600
unallocated ASNs are in the routing table as per the CIDR-Report.

Wouldn't that be simple to parse the list and start updating filters on
daily basis? I understand its troublesome for big operators. I've just
started this so lets see what happens :) but I can tell that the diff on
file created every night isn't much (around 10-20).

http://www.cidr-report.org/as2.0/#Bogons

Re: Definition/Classification of Bogon

2018-07-24 Thread Radu-Adrian Feurdean 
On Tue, Jul 24, 2018, at 13:24, Aftab Siddiqui wrote:
> Q - Generally, Private or Reserved ASNs are considered as Bogon ASN but
> what about unallocated ASNs?

If you don't have an automated update process running at decent time intervals 
(one week or more often, under no circumstance less than once a month) and you 
don't have processes in place that monitor that updates do happen properly with 
some corrective action being done when they don't - then stick with private or 
reserved.

If you do have everything needed, and are aware that what is unallocated today 
may be allocated tomorrow, then you can (should) go with 
private+reserved+unallocated option.

Re: Definition/Classification of Bogon

2018-07-24 Thread William Herrin 
On Tue, Jul 24, 2018 at 7:24 AM, Aftab Siddiqui
 wrote:
> Q - Generally, Private or Reserved ASNs are considered as Bogon ASN but
> what about unallocated ASNs?

Hi Aftab,

You can reasonably think of a bogon as any Internet number resource
which according to the registration authority should not appear on
whatever network is at issue.


> Q - Is there any RFC (or even draft) which classify unallocated ASNs as
> Bogon as well?

The RFCs offer guidelines and conventions in this, not hard rules. It
would be an error to treat them as hard rules.


> Q - In the above scenario when an RIR deregister a resource (IPv4/v6 or
> ASN) due to any disagreement (sometimes deregistration happens because of
> non-payment and can be resolved in a few days/weeks). How long should a
> service provider wait to mark them as bogon and stop advertising or
> accepting it?

In my opinion: until the customer stops paying you or the authority
assigns the resource to someone else. As long as the resource was
properly assigned to the customer when they started advertising it,
there's no real angle to forcibly ending it sooner.

Regards,
Bill Herrin

-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web:

Definition/Classification of Bogon

2018-07-24 Thread Aftab Siddiqui 
Hi Everyone,
Just wanted to understand something about Bogons.

As per RFC3871 - A "Bogon" (plural: "bogons") is a packet with an IP source
address in an address block not yet allocated by IANA or the Regional
Internet Registries (ARIN, RIPE, APNIC...) as well as all addresses
reserved for private or special use by RFCs. See [RFC3330] and [RFC1918].

Q - Generally, Private or Reserved ASNs are considered as Bogon ASN but
what about unallocated ASNs?

Q - Is there any RFC (or even draft) which classify unallocated ASNs as
Bogon as well?

Additionally, Geoff Huston [1] explained all the possible classifications
of "Bogon" in his blog post back in 2004 --> "Sometimes a bogon is just a
case of keystroke error by a network operator, and the consequent bogons
are entirely inadvertent, and other times it may be a disagreement between
an end user and a registration authority"

Q - In the above scenario when an RIR deregister a resource (IPv4/v6 or
ASN) due to any disagreement (sometimes deregistration happens because of
non-payment and can be resolved in a few days/weeks). How long should a
service provider wait to mark them as bogon and stop advertising or
accepting it?


[1] - http://www.potaroo.net/ispcol/2004-04/2004-04-isp.htm