Bogon filtering
From Wikipedia, the free encyclopedia
"Bogon" is an informal name for an IP packet on the public Internet that claims to be from an area of the IP address space reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated Regional Internet Registry (RIR). The areas of unallocated address space are called "bogon space".
For example, addresses from 100.x.x.x - 111.x.x.x have not yet been allocated (as of May 2008; see [1] for a complete current list).
Bogons are not the same as the following address ranges, which are reserved for private networks:[2]
- 10.x.x.x
- 192.168.x.x
- 172.16.x.x - 172.31.x.x
Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use and are therefore the result of accidental or malicious misconfiguration at the sender. Bogons can be filtered by using router ACLs, or by BGP blackholing.
IP addresses that are bogon today may not be bogon tomorrow. IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network operators' mailing lists (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate.
The IANA maintains a list of allocated and reserved IPv4 netblocks. [3]
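The filtering decision described above, as an added example that is not part of the original article: it treats the article's May 2008 range as a dated snapshot, keeps the RFC 1918 ranges as a separate class, and stops dropping traffic once the snapshot is older than a refresh window. The function names, the day of the month, the 30-day window and the fail-open policy are assumptions.

```python
import ipaddress
from datetime import date, timedelta

# Snapshot from the article: 100.x.x.x - 111.x.x.x unallocated as of May 2008.
# The day of the month is an assumption; the data is historical, not current.
SNAPSHOT_DATE = date(2008, 5, 1)
UNALLOCATED = list(ipaddress.summarize_address_range(
    ipaddress.IPv4Address("100.0.0.0"),
    ipaddress.IPv4Address("111.255.255.255")))

# Private ranges listed in the article: reserved, but not bogon space.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

MAX_AGE = timedelta(days=30)  # assumed refresh policy, not from the article


class StaleBogonList(Exception):
    """The snapshot is too old to base a drop decision on."""


def classify(src, today, snapshot=SNAPSHOT_DATE):
    """Return 'private', 'bogon' or 'not-listed' for a source address."""
    addr = ipaddress.ip_address(src)
    # The private ranges are fixed, so they are checked before the age test.
    if any(addr in net for net in PRIVATE):
        return "private"
    if today - snapshot > MAX_AGE:
        raise StaleBogonList(f"bogon list dated {snapshot} is out of date")
    if any(addr in net for net in UNALLOCATED):
        return "bogon"
    return "not-listed"


def filter_sources(sources, today):
    """Split sources into (accepted, dropped). Only 'bogon' is dropped;
    a stale list fails open so newly assigned space is not blocked."""
    accepted, dropped = [], []
    for src in sources:
        try:
            verdict = classify(src, today)
        except StaleBogonList:
            verdict = "unknown"
        (dropped if verdict == "bogon" else accepted).append((src, verdict))
    return accepted, dropped
```

Private sources are reported with their own verdict so the caller can apply a separate policy to them.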
Etymology
The term "bogon" stems from hacker jargon, where it is defined as the quantum of "bogosity", or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless: see Quantum bogodynamics. [4]
External links
- IANA IPv4 Address Space
- RFC 1918 – "Address Allocation for Private Internets"
- The Team Cymru Bogon Reference Page -- secure templates for routers
- Bogons Ate My Website
- Bogon IPs
- Bogon traffic analysis report, netflow and spam analysis