North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: UUNet Routing SNAFU

  • From: Alec H. Peterson
  • Date: Wed Oct 08 23:57:30 1997

On Wed, Oct 08, 1997 at 07:39:52PM -0700, David Carmean wrote:
> 
> I installed the ACL Sean posted back in December of '95, updated by 
> changes he posted in June of '96.  Is that list still reasonable?

I'm pretty sure that is the version that filters >=207 at /19 (instead
of /18 which is where he initially put the filter).  However, keep in
mind that the registries have been allocating space out of old class A
space, which all versions of his filter I've seen _will_ block.  So,
depending on your policy you would want to add:

access-list xxx permit ip 62.0.0.0 0.255.255.255 0.0.0.0 255.255.255.0

Do that for 24/8, 62/8 and any other blocks that the IANA has released
to a registry (I think Dorian mentioned 63/8 and 64/8 as well).  Of
course, if you want to filter on /19 then your mask will be a little
different.

Of course, one can just do what Randy suggested and filter all class A
space at /19 and be done with it.

Alec

-- 
+------------------------------------+--------------------------------------+
|Alec Peterson - ahp@hilander.com    | Erols Internet Services, INC.        |
|Network Engineer                    | Springfield, VA.                     |
+------------------------------------+--------------------------------------+