[afnog] Private IP Filters in bgp
Mark Tinka
mark.tinka at seacom.mu
Mon May 28 06:11:11 UTC 2012
On Monday, May 28, 2012 07:42:19 AM Randy Bush wrote:
> sorry, i guess i should have pointed that out.
>
> anyone got a good v6 bogon list? mine has not been kept
> up to date. it should include
> 2002:a40::/48 to 2002:a7f:ffff::/48
> the 6to4 disease
I've been using this one (massively relaxed) for some time
now, and adding to it rather slowly based on push-back from
the wild (beware, Junossss syntax, but should be easy to
understand):
policy-statement upstreams-in6 {
term 10 {
from {
route-filter ::/0 exact;
route-filter ::/8 upto /128;
route-filter 3ffe::/16 upto /128;
route-filter 2001::/32 prefix-length-range /33-/128;
route-filter 2001:db8::/32 upto /128;
route-filter <your:own:allocation>::/32 upto /128;
route-filter 2002::/16 prefix-length-range /17-/128;
route-filter fc00::/7 upto /128;
route-filter fe00::/9 upto /128;
route-filter fe80::/10 upto /128;
route-filter ff00::/8 upto /128;
}
then reject;
}
term 999 {
from {
route-filter ::/0 upto /48;
}
then accept;
}
then reject;
}
However, I've also been tracking Gert Döring's work in this
area, and below is a link to his page where he maintains
two lists of IPv6 control plane filters; relaxed and strict:
http://www.space.net/~gert/RIPE/ipv6-filters.html
Cheers,
Mark.
More information about the afnog
mailing list