Best practice ACLs for an internet-facing border router?

I'm just curious if anyone has ever published a list of what is
an agreed upon best practice list of ACLs for an internet facing border
router. I'm talking about things like bogons, private IP addresses, et
cetera. If anyone is aware of anything like this I'd like to see it.

Thanks,
-Drew

block bogons
block your ips from outside
block rfc 1918 (martians)
block common worm ports

I suggest reviewing RFC3330. The bogons need to be kept up to date (some
interesting discussions on SAGE-AU of organisations not doing that) but
for a list of subnets reserved for different purposes RFC3330 is
invaluable.

Rob
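
An added example, not part of any poster's message: a sketch that turns the fixed special-use blocks from RFC 3330 plus your own prefixes into inbound source-address deny rules, renders them as an IOS-style named extended ACL, and checks sample sources against them. The ACL name `BORDER-IN` and the own prefix 203.0.113.0/24 are assumptions made for illustration; unallocated bogon space is left out because that list changes over time and has to come from a maintained feed.

```python
import ipaddress

# Subset of the RFC 3330 special-use blocks that should never arrive from the
# internet as a source address. Unallocated "bogon" space is deliberately not
# listed here: it changes as space is allocated and must be kept up to date.
SPECIAL_USE = {
    "0.0.0.0/8": "this network",
    "10.0.0.0/8": "private (RFC 1918)",
    "127.0.0.0/8": "loopback",
    "169.254.0.0/16": "link local",
    "172.16.0.0/12": "private (RFC 1918)",
    "192.0.2.0/24": "TEST-NET",
    "192.168.0.0/16": "private (RFC 1918)",
    "198.18.0.0/15": "benchmarking",
    "224.0.0.0/4": "multicast",
    "240.0.0.0/4": "reserved",
}

def build_rules(own_prefixes):
    """Return ordered (network, reason) deny rules for inbound source filtering."""
    rules = [(ipaddress.ip_network(p), r) for p, r in SPECIAL_USE.items()]
    # Anti-spoofing: your own address space must never be a source from outside.
    rules += [(ipaddress.ip_network(p), "own prefix seen from outside")
              for p in own_prefixes]
    return rules

def render_ios(rules, name="BORDER-IN"):
    """Render the rules as an IOS-style named ACL (wildcard = inverted netmask)."""
    lines = [f"ip access-list extended {name}"]
    for net, reason in rules:
        lines.append(f" remark {reason}")
        lines.append(f" deny ip {net.network_address} {net.hostmask} any")
    lines.append(" permit ip any any")
    return lines

def check_source(rules, src):
    """Return the deny reason for a source address, or None if it is permitted."""
    addr = ipaddress.ip_address(src)
    for net, reason in rules:
        if addr in net:
            return reason
    return None

if __name__ == "__main__":
    rules = build_rules(["203.0.113.0/24"])  # constructed stand-in for "your IPs"
    print("\n".join(render_ios(rules)))
    for src in ["10.1.2.3", "203.0.113.9", "172.32.0.1", "8.8.8.8"]:  # constructed
        print(src, "->", check_source(rules, src) or "permit")
```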

Drew Weaver wrote:

  I'm just curious if anyone has ever published a list of what is
an agreed upon best practice list of ACLs for an internet facing border
router. I'm talking about things like bogons, private IP addresses, et
cetera. If anyone is aware of anything like this I'd like to see it.

Depending on your flavor of router, you might need to take multiple approaches.

On my 12000s, I'm only using RACLs (beyond prefix filtering) and do more specific ACLs closer down to the "core".