109/8 - not a BOGON

Mailman List Mirror (Read Only)
1

Hi there,

A customer of mine is reporting that there are a large number of addresses
he can not reach with his addresses in the 109/8 range. This was
declassified as a BOGON and assigned by IANA to RIPE in January 2009.

If you have a manually updated BOGON list, can I please ask that you review
it and update it as soon as possible please? His addresses in 89/8 and 83/8
work just fine, hence this presumption of BOGON filtering.

Matthew Walster

2

Hi Matthew,

I had the same problem with our new range assigned to us by APNIC, out of 110/8

You're in for a long, hard and frustrating road.

If you manage to get in contact with anyone, or anyone responds to you, mind letting me know? I'd suspect they'd probably have us blocked still too, we've just not come across it yet.

Regards,
Shane Short

3

The 109/8 range was removed from our ISP Ingress Prefix Filters in
version 22 (dated 6-Feb-2009):

ftp://ftp-eng.cisco.com/cons/isp/security/Ingress-Prefix-Filter-Template
s/T-ip-prefix-filter-ingress-loose-check-v22.txt

Thanks,
John

4

This might be a good moment to list all the /8s allocated so far this year.

046/8 RIPE NCC 2009-09 whois.ripe.net ALLOCATED
002/8 RIPE NCC 2009-09 whois.ripe.net ALLOCATED
182/8 APNIC 2009-08 whois.apnic.net ALLOCATED
175/8 APNIC 2009-08 whois.apnic.net ALLOCATED
183/8 APNIC 2009-04 whois.apnic.net ALLOCATED
180/8 APNIC 2009-04 whois.apnic.net ALLOCATED
178/8 RIPE NCC 2009-01 whois.ripe.net ALLOCATED
109/8 RIPE NCC 2009-01 whois.ripe.net ALLOCATED

Also, I'd like to mention that if you ever want to check your filters
against the registry, we have made the columns sortable. It's now nice and
easy to identify newly allocated /8s.

http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml

Regards,

Leo Vegoda

5

A pingable address in the problem range would help people to quickly
evaluate whether they have a problem in their network or upstreams...

- Matt

6

The router has the address "109.68.64.1" - saves giving out customer's IP.

Does anyone have any recommendations for dealing with BOGON space that
hasn't been defiltered by networks? Any ideas how to get people to update
filter lists?

Matthew Walster

7

I've found pinging a polite email to the whois contact on the ASN -sometimes- gives useful results, but not always.

Be aware that you're not only dealing with router black-holes, but seemingly some people have applied bogon filtering to their BIND name servers also.

If you can provide a non bogon IP within the same AS, it can be useful for the person at the other end-- shows them they have a problem.

-Shane

8

References to documents on bogon best practices are a good idea when
trying to contact WHOIS contacts as well - our bogon reference page and
the IANA IPv4 address space assignments page are probably good places to
start on that:

http://www.team-cymru.org/Services/Bogons/
http://www.iana.org/assignments/ipv4-address-space/

Shane makes a good point about BIND and other configs - we actually
stopped including static bogons in our BIND and BGP/JunOS templates
earlier this year because we found they were being used and not updated,
despite our warnings not to do so.

Best regards,
Tim Wilde

- --
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde@cymru.com | +1-630-230-5433 | http://www.team-cymru.org/