top of page

Eliminating Network Threats via Routing Registries

Bogons via Routing Registries

Free. Forever.

Filter anomalous IPs that harm your business

Improve performance & scalability whilst reducing Bogon related costs and resource drain

Bogon filtering should be undertaken only if the impacts are well-understood. These are not simple filters, and can have adverse impacts if improperly applied. In particular, please consult RFC6598 regarding 100.64.0.0/10. It’s important that you know your network, and that any planned filters are rigorously tested before adoption. These filters may be more applicable to some devices, such as gear that functions as a border router, than other devices.

Bogon tracking via routing registries is possible due to donations from several of those registries. These objects all track the traditional IPv4 bogons, not the newer and more dynamic IPv4 and IPv6 fullbogons. To track fullbogons, you will have to use one of the other available data sources. You can find bogon objects in the following registries:

RADB

The fine folks at Merit have donated a maintainer object within the RADb to the cause. MAINT-BOGON-FILTERS contains three filter-sets:

fltr-unallocated

The unallocated (by IANA) IPv4 prefixes.

The reserved and special use IPv4 prefixes.

The combination of fltr-unallocated + fltr-martian.

Details about the RADb and the objects can be found through WHOIS, e.g.:

whois -h whois.radb.net <filter-set-name>

Here is an example WHOIS query for the fltr-martian object:

bogon$ whois -h whois.radb.net fltr-martian

filter-set:

fltr-martian

descr:

Special use and reserved IPv4 prefixes.

filter:

{

0.0.0.0/8^+ ,

10.0.0.0/8^+ ,

127.0.0.0/8^+ ,

169.254.0.0/16^+ ,

172.16.0.0/12^+ ,

192.0.2.0/24^+ ,

192.168.0.0/16^+ ,

198.18.0.0/15^+ ,

198.51.100.0/24^+ ,

203.0.113.0/24^+ ,

224.0.0.0/3^+

}

admin-c:

Rob Thomas RT624

tech-c:

Rob Thomas RT624

remarks:

For the complete set of bogons, please see:

fltr-unallocated - unallocated prefixes.

fltr-bogons - fltr-unallocated + fltr-martian.

http://www.cymru.com/Documents/bogon-list.html

notify:

mnt-by:

MAINT-BOGON-FILTERS

changed:

noc@cymru.com 20100401 #17:52:52Z

source:

RADB

RADB

The fine folks at Merit have donated a maintainer object within the RADb to the cause. MAINT-BOGON-FILTERS contains three filter-sets:

fltr-unallocated

The unallocated (by IANA) IPv4 prefixes.

The reserved and special use IPv4 prefixes.

The combination of fltr-unallocated + fltr-martian.

Details from the RIPE NCC whois database can be obtained through the use of the whois tool:

whois -h whois.ripe.net <filter-set-name>

See the RADb entry above for examples.

bottom of page