Saturday, April 8, 2017

What are bogon routes & why should they be a concern to ISP network admins?

What are bogon routes?

Bogons are martians (private and reserved addresses defined by RFC1918, RFC5735 and RFC 6598) and net blocks that have been allocated to a regional internet registry (RIR) by the internet assigned numbers authority (IANA).

A bogon prefix is a route that should never appear in the internet routing table therefore packets routed over the public internet with a source address in a bogon range should be discarded.

Why should bogon prefixes be a concern to ISP network administrators?

Bogons are used by malicious internet users and hackers to launch DDoS attacks and IP address spoofing. In fact, most of the frequently attacked sites, 60% of the naughty packets were obvious bogons.

What should you do as an ISP network administrator to guard your network against bogons?

You need to filter and reject or discard bogon routes at your BGP edge router so they don’t enter your routing table as valid destinations. Filtering should be done on both the ingress and egress direction because similarly you don’t want to advertise bogon prefixes to your upstream provider.

However, if you choose to filter bogons you need to have a plan to keep your filters update because these lists change every day especially the full bogon list which has significant changes every day.

You can find the full bogon IPv4 and IPv6 lists here.

Bogon filtering is good and a wise decision but you have to be committed to maintaining it every day, if you just download a full bogons list once and use it to filter at your BGP router without updating it, it will become out of date very quickly and you will end up blocking legitimate traffic.

A good idea is to peer with bogon route servers, it’s a free service and you can apply here

In this way, your bogon prefixes will be automatically updated. Any changes in the full bogon prefixes will immediately be reflected in your BGP router which saves you from what would otherwise be a rigorous daily routine of downloading and updating your full bogon lists.

