> Wash, rinse, repeat for the other 70,000 routers you manage for
> customers... This is definitely NOT a half-rack in a colo fix. Just
> contacting the customers is a feat.
And I completely agree that it's a big pain to coordinate this. In the
same hand, SBC and all other 'big' providers use BGP to dynamically
update their routing tables. Their BOGON filtering should use the same
BGP holds destination info, the problem filters you speak of are MOST
PROBABLY not BGP related at all, they are likely interface filters of the
access-list 100 deny ip 0.0.0.0 0.255.255.255 any
(assuming a Cisco box of course, and this is a single line, hopefully they
permit the customer network to get something as a last line in the acl)
sort of mechanism. If they're not going to use something like the Cymru
BOGON BGP feed they should build their own and should have configured
their managed routers to query that from the beginning. As more
This is impractical as the afore-mentioned 70,000 routers are likely not
BGP capable (not all at least, why buy that feature when all it'll ever do
is static and connected routes?).
old-BOGON IP's come into play, more and more of the Internet is going to
'fall off' to these legacy route access list restricted routers.
Perhaps they will see the problems and move to a better solution, perhaps
their customers will ask for filter adjustments as these new pesky /8's
you speak of are 'released' for people to use... what's an ip address
As much as I would have liked to coin the term 'network monkey', I read
it in this thread by someone much more creative than I.
Either way, it's not the monkeys in this case most likely. I'd bet at the
least there is the issue of getting in touch with the customer, and
initiating change at his/her/their request... why 'fix' something that
isn't broken? There are hundreds of thousands of 2511's out there with 2MB
of flash and 11.2 code still running on them. These will NEVER be upgraded
to anything 'new' because cost to upgrade includes upgrading the hardware
at 3k minimum per box... not to mention outages for customers who 'don't
see a problem today' and don't like outages.
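
An added example, not part of the original thread: a small audit that reads numbered Cisco ACL deny lines of the kind quoted above and flags those whose source range overlaps address space that has since been released for use. Only the first ACL line comes from the thread; the rest of the sample config, the RELEASED list (documentation prefixes standing in for real allocation data) and the function names are assumptions.

```python
import ipaddress

# Constructed sample config: only the first line appears in the thread.
SAMPLE_ACL = """\
access-list 100 deny ip 0.0.0.0 0.255.255.255 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 198.51.100.0 0.0.0.255 any
access-list 100 deny ip host 203.0.113.7 any
access-list 100 permit ip any any
"""
# Constructed stand-in for "space that has since been released for use"
# (documentation prefixes, not real allocation data).
RELEASED = ["198.51.100.0/24", "203.0.113.0/24"]

def wildcard_to_network(addr, wildcard):
    """Convert an address plus Cisco wildcard mask to an IPv4Network.
    Returns None for non-contiguous wildcards, which have no prefix form."""
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):  # wildcard bits are not one contiguous low-order run
        return None
    base = int(ipaddress.IPv4Address(addr)) & ~w & 0xFFFFFFFF
    return ipaddress.ip_network((base, 32 - w.bit_length()))

def deny_sources(acl_text):
    """Yield (line_number, source_network) for each numbered-ACL deny line."""
    for n, line in enumerate(acl_text.splitlines(), 1):
        t = line.split()
        if len(t) < 6 or t[0] != "access-list" or t[2] != "deny":
            continue
        if t[4] == "any":
            net = ipaddress.ip_network("0.0.0.0/0")
        elif t[4] == "host":
            net = ipaddress.ip_network(t[5] + "/32")
        else:
            net = wildcard_to_network(t[4], t[5])
        if net is not None:
            yield n, net

def stale_denies(acl_text, released):
    """Return (line_number, denied_prefix, released_prefix) for every overlap."""
    rel = [ipaddress.ip_network(p) for p in released]
    return [(n, str(net), str(r))
            for n, net in deny_sources(acl_text) for r in rel if net.overlaps(r)]

if __name__ == "__main__":
    for n, net, r in stale_denies(SAMPLE_ACL, RELEASED):
        print(f"line {n}: deny {net} overlaps released {r}")
```
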