North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: peer "sanity" filters - best practices?

  • From: Christian Nielsen
  • Date: Wed Jan 24 22:04:41 2001

well... everyone has different ways of doing it. basicly we do the

for the larger peers, ie cw, uunet, bbn, sprint, we filter them via


for uunet, we would filter _1239_ _1_ and _3561_

we set this up after a large internet router company leaked full routes to

for all other peers we filter _701_ _1239_ _1_ and _3561_.

next, we max-prefix all peers. this stops route-leaks. yes, sometimes a
peer gets shutdown because they just got a large new customer but i would
put this at about 1 in 100. the other times are because of poor filtering.

we filter RFC1918, default and reserved blocks. anyone notice that there
are companies using ips from IANA-Reserved? of course we dont see them
anymore. we also filter out things like 64/8. this is due to mis-config on
the isp side. no one should be sending 64/8.

lastly, we filter at the /24 level.

this should be a good start for anyone looking to do filtering.