[afnog] Private IP Filters in bgp

Heinrich Strauss heinrich at hstrauss.co.za
Mon May 28 05:19:07 UTC 2012


Just to reiterate something from Randy's example (which may have gone 
unnoticed):

100.64.0.0/10 should also be filtered.

This was desginated for "Shared Address Space" as per 
http://www.rfc-editor.org/rfc/rfc6598.txt

Regards,
Heinrich

On 2012/05/27 11:26, Randy Bush wrote:
> i just looked at what i do in ios classic, and it is a bit perverse
>
>      no ip prefix-list v4-bogons
>      ip prefix-list v4-bogons permit 0.0.0.0/8 le 32
>      ip prefix-list v4-bogons permit 10.0.0.0/8 le 32
>      ip prefix-list v4-bogons permit 100.64.0.0/10 le 32
>      ip prefix-list v4-bogons permit 127.0.0.0/8 le 32
>      ip prefix-list v4-bogons permit 169.254.0.0/16 le 32
>      ip prefix-list v4-bogons permit 172.16.0.0/12 le 32
>      ip prefix-list v4-bogons permit 192.0.2.0/24 le 32
>      ip prefix-list v4-bogons permit 192.168.0.0/16 le 32
>      ip prefix-list v4-bogons permit 223.0.0.0/8 le 32
>      ip prefix-list v4-bogons permit 224.0.0.0/3 le 32
>      ...
>      route-map ebgp4-in deny 1
>        match ip address prefix-list v4-bogons
>
> randy



More information about the afnog mailing list