RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

["Christopher L. Morrow" <christopher.morrow () mci com>]

On Thu, 20 Jan 2005, James Laszko wrote:

> Well, if the router CAN run BGP, the feed from Cymru is only about 84
> prefixes - not a lot of memory tied up there, is there?

my point was that not all managed routers, the majority actually, can't
and don't run BGP. their code doesn't even support bgp...

> If the router isn't capable of BGP, someone earlier today was kind
> enough to post a script that they use to find changes to one of the
> BOGON lists and suggested an Expect script to automatically update their
> router.  Probably a little advanced for most leaf sites, but for someone
> who's responsible for a larger network -- doesn't seem that bad.

and that 'auto update' has to have customer approval for each change. When
you deal with 70,000 customer routers making this approval happen is next
to impossible. As an example, how many do you think are/were upgraded for
the lsat 'cisco all platform' (just to pick on one low-end platform
vendor popular in this space) protocols bug? Not very many ... not nearly
enough.

If you are trying to fix this problem you'll have much better luck chasing
down the customers and having them raise this up to their provider.

> James Laszko
> Pipeline Communications, Inc.
> james () pcipros com
>
>
> -----Original Message-----
> From: Hank Nussbacher [mailto:hank () mail iucc ac il]
> Sent: Thursday, January 20, 2005 10:51 PM
> To: James Laszko
> Cc: nanog () merit edu
> Subject: RE: Please Check Filters - BOGON Filtering IP Space
> 72.14.128.0/19
>
> On Thu, 20 Jan 2005, James Laszko wrote:
>
> > sort of mechanism.  If they're not going to use something like the
> Cymru
> > BOGON BGP feed they should build their own and should have configured
> > their managed routers to query that from the beginning.  As more
>
> How would this scale for say 200K routers?  2M?  -Hank