All things related to multicast

["David Farmer" <>]

So now that we've heard from many of the usual suspects, at least 
for this list, I think we are close to a consensus, at least on this list:

Filter the Bulk Reserved space of Multicast Group Addresses at 
Administrative Boundaries.

Which at this time is:

225.0.0.0/8
226.0.0.0/8
227.0.0.0/8
228.0.0.0/8
229.0.0.0/8
230.0.0.0/8
231.0.0.0/8
234.0.0.0/8
235.0.0.0/8
236.0.0.0/8
237.0.0.0/8
238.0.0.0/8

Or summarized to:

255.0.0.0/8
226.0.0.0/7
228.0.0.0/6
234.0.0.0/7
236.0.0.0/7
238.0.0.0/8

I would argue to leave the smaller Reserved Blocks in 224.0.0.0/8 
unfiltered as this is where the more day-to-day IANA activity is 
likely to take place.  Additionally, as IANA assignes any new /8, or 
parts their of, for use they would be removed from any Bulk 
Reserved Multicast filters.  I believe this is the sprit of Unicast 
BOGON filters.

I would suggest that by filtering these Reserved Blocks now and 
with proper maintenance of the filters these Reserved Blocks may 
become more deployable in the future for new uses.  Reasoning: 
by filtering we might be able to keep squatters out, therefore less 
problems for new deployments.

Additionally, as discussed on the list, these filters may help with 
MSDP's stability, especially in presence of DOS activity.

So next thing that I think is needed is a little more on what is 
broken by doing this, if anything.  

Looking at Marshall's Histogram from last night I'm interested in 
what is going on in 228 and 236 and maybe 229, the most of the 
rest is probably Noise, but if any one knows.  Also, doesn't MSDP 
state mean there are Sources and not necessarily any potential 
Receivers listening.  And given the residual Worm activity it is 
possible that most the activity in the Reserved blocks is Noise.  
Just to be scientific about it a larger sample might be nice as well, 
one Tuesday night about midnight may not be enough. :)  

Does anyone have an opinion if just MSDP should be filter, or both 
traffic and MSDP should be filtered at an Administrative Boundary?  
Should traffic or PIM join state, etc... be filtered within an 
Administrative Domain?

Is there anyone out there that thinks this is a really stupid idea?  
Are we really close to a consensus, I'm a little worried that this has 
been too easy.  And, it is really scary that I seem to have had such 
a good idea. :-)

Thanks for the input and could some of you raise the subject on the 
some of the broader mailing multicast lists.  I'd be interested in a 
broader thought on the subject.


=================================================
David Farmer                            Email:  

Office of Information Technology
University of Minnesota                 Phone:  612-626-0815
2218 University Ave SE                  Cell:   612-812-9952
Minneapolis, MN 55414-3029              FAX:    612-624-4035
=================================================