Bogon filtering

From Wikipedia, the free encyclopedia

"Bogon" is an informal name for an IP packet on the public Internet that claims to be from an area of the IP address space reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated Regional Internet Registry (RIR). The areas of unallocated address space are called "bogon space".

For example, addresses from 100.x.x.x - 111.x.x.x have not yet been allocated (as of May 2008, see [1] for a complete current list)

Bogons are not the same as reserved private address ranges:

10.x.x.x
192.168.x.x
172.16.x.x - 172.31.x.x

Which are reserved for private networks.[2]

Many ISPs and end user firewalls filter and block bogons, because they have no legitimate use, and are therefore the result of accidental or malicious misconfiguration at the sender. Bogons can be filtered by using router ACLs, or by BGP blackholing.

IP addresses that are bogon today may not be bogon tomorrow. IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network operators' mailing lists (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate.

The IANA maintains a list of allocated and reserved IPv4 netblocks. [3]

[edit] Etymology

The term "bogon" stems from hacker jargon, where it is defined as the quantum of "bogosity", or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless: see Quantum bogodynamics. [4]

[edit] See also

[edit] External links

Languages