North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: Please Check Filters - BOGON Filtering IP Space 220.127.116.11/19
- From: Hank Nussbacher
- Date: Thu Feb 17 03:07:06 2005
At 05:27 PM 16-02-05 -0500, Sean Donelan wrote:
On Wed, 16 Feb 2005, Kunjal Trivedi wrote:
Sure would have been nice if Cisco had asked/polled a number of key
customers to get an idea of what we wanted, rather than to know what they
thought we wanted.
> Due to the feedback we've received on the Autosecure bogon list issue,
> decided to do the following:
> 1) Provide a fix that removes bogon ACL creation and deployment from the
> Autosecure feature. This change will be available in mainline and
> maintenance software releases. For the software release details, please
> refer to 2.
> 2) A Cisco Field Notice will be published to inform customers of the change
> and will contain instructions on how to remove the bogon ACLs created by
> executing the autosecure command.
> We'll update the list with the Field Notice URL as soon as it's available.
> Tentative date for FN posting is 18th February 2005.
The pendulum swings too far in the other direction.
Martian addresses are relatively static, and might be good candidates for
one-click security. If you see a 127.0.0.0/8 packet floating around, its
probably up to no good.
As are RFC1918 addresses.