[arin-ppml] The problem with IPv4 bogon and listing them

Kevin Kargel kkargel at polartel.com
Wed Oct 29 16:05:55 EDT 2008


> -----Original Message-----
> From: Ted Mittelstaedt [mailto:tedm at ipinc.net] 
> Sent: Wednesday, October 29, 2008 2:46 PM
> To: ppml at arin.net
> Cc: Kevin Kargel
> Subject: The problem with IPv4 bogon and listing them
> 
> 
> Kevin, let's talk about bogons.  We have Cymru running their 
> list here:
> 
> http://www.cymru.com/Documents/bogon-list.html
> 
> but, I'll quote from the text on the list:
> 
> "...IANA allocations change over time, so please check back 
> regularly to ensure you have the latest filters. I can not 
> stress this point strongly enough - these allocations change, 
> as often as every four months...."
> 
> Checking back every 4 MONTHS?  So that
> means if I request IPv4 that's dirty, on this list, and I get 
> it, that I have to wait
> 4 months before using it?  And that's just for the people out 
> there who are following the recommendation.
> 
> People are generating router ACL's from this list, and NOT 
> updating them in any timely 4 month intervals.  Consider that 
> it might take a couple YEARS from delisting on this list for 
> the subnets to be usable.
> 
> It would be very foolish in my opinion to place IPv4 that is 
> returned from orgs who have been using it, on to this list.  
> Frankly, ARIN should be working through this list right NOW 
> and identifying if any subnets on it are theirs, and taking 
> steps to recover those subnets and place them back into the 
> free pool.  
> 
> Ted
> 
> 

Ted,

I agree with all of your points in this message. Actually in fact, we are
more in line than recent missives would indicate.

I do, however, stipulate that the downsides are mitigated if it is ARIN that
is running the bogon list, as accuracy and timeliness would be vastly
improved.  Also with ARIN running the list it could relatively easily be
tied in to ARIN WHOIS, making automation of the routing declinations
possible.  

I agree that without much closer interwork between ARIN and CYMRU that blind
adoption of the CYMRU list would be foolhardy.  As it stands it is a great
reference, but not a great authoritative reference.

If money is needed to fund an ARIN bogon effort it could easily be offered
as a subscription service.  I would happily pay a reasonable fee.


 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3107 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20081029/bd14ccb0/attachment-0001.bin>


More information about the ARIN-PPML mailing list