
wg-multicast - Re: Bogon Multicast Groups [NANOG: What were we saying about edge filtering]

Subject: All things related to multicast

  • From: "David Farmer" <>
  • To: Bill Nickless <>
  • Cc:
  • Subject: Re: Bogon Multicast Groups [NANOG: What were we saying about edge filtering]
  • Date: Thu, 04 Sep 2003 18:54:48 -0500
  • Organization: NTS, U of MN
  • Priority: normal

Comments in line:

On 4 Sep 2003 Bill Nickless wrote:

> On Thu, 4 Sep 2003, David Farmer wrote:
>
> > We still need to say you SHOULD filter them and we need it to
> > become BCP that networks actually filter them. How you actually
> > filter them is really a local implementation issue. Although making
> > it easy is a good thing.
>
> How does the following sound?
>
> 1. The mcast-unusable draft is intended (partially) to give IANA
> advice about what groups should be permanently reserved.
>
> So I don't think it makes sense to put the bogon list in the
> mcast-unusable draft, because the bogon list is controlled
> by IANA. Something feels circular. :-)

OK, if that's the intent I'll believe you, you're the author. ;-) I'd just say,
giving direction to IANA isn't in the Abstract, but network access
control lists are. So I always assumed that this was intended as a
recommendation for access control lists.

If you don't intend to provide a full list of things that should be
blocked in an access control list, it would be good to point people
working on an access control list to the mcast-ipv4-bcp.

Also something is weird: for draft-nickless-ipv4-mcast-unusable-02.txt,
the IETF web site says it cannot be found, and thinking you may have
updated it, I tried draft-nickless-ipv4-mcast-unusable-03.txt, which
comes up with a page basically saying it is an expired draft. That
is wrong, since 02 doesn't expire until Dec 2003.

> 2. The mcast-ipv4-bcp draft, on the other hand, could very well
> mention filtering bogons in the context of IANA reserved
> blocks, plus a (technically redundant?) link to the permanently
> unusable blocks in the mcast-unusable draft (and successors).

That's fine, I don't see providing the actual reserved list in either
draft, as it will change; point them at IANA. I would like to see the
issue covered and I don't know what it would hurt to have a "you
shouldn't route multicast for reserved groups" or something to that
effect in both drafts. But you're the author, and as long as it is in one
of them, I'll shut up.

> 3. David Farmer writes a draft for MBONED explaining how to
> automatically, safely, and securely update one's bogon/unusable
> filter list. :-) :-)
>
> (Seriously, David, I'll be glad to work with you on #3 if you like.)

I'd be willing, but I don't think it is possible, at least not using BGP.

A BGP BOGON route like the one described on the web page you pointed
to, http://www.cymru.com/BGP/bogon-rs.html, would work for
BOGON sources: Multicast NLRI routes point to a null, then a
BOGON source should cause packets to fail RPF, both for traffic
and MSDP I think. But I don't see how this can do anything based
on Group Address.

This could very well be a good thing to do as well, but I don't see
how it can accomplish anything for BOGON Groups. Which only
leaves hand built access lists I think. Someone PLEASE tell me I'm
wrong :-(

If bigger brains than mine figure out a way, I'd be willing to write a
draft if no one else is.

> > On 4 Sep 2003 Bill Nickless wrote:
> >
> > >
> > > How about doing something like this for the multicast groups that IANA
> > > hasn't yet allocated, or are otherwise unusable for various reasons?
> > >
> > > What I like about it is that it's automated, rather than depending on a
> > > human in the loop everywhere to watch for IANA announcements.
> > >
> > > Having only spent about 20-30 seconds thinking about it, I'm not sure
> > > whether it's possible to configure popular routers to black-hole traffic
> > > destined for groups that are in a table populated by BGP. Maybe an
> > > inspiration will strike later?
> > >
> > > ---------- Forwarded message ----------
> > > Date: Thu, 4 Sep 2003 11:56:36 -0500 (CDT)
> > > From: Rob Thomas <>
> > > To: Christopher L. Morrow <>
> > > Cc: NANOG <>
> > > Subject: Re: What were we saying about edge filtering?
> > >
> > >
> > > ] I'm going to take a stab at: The next 69.0.0.0/8 release? Certainly there
> > > ] was some lesson learned from this, no?
> > >
> > > Yep, and the lesson is: Lots of folks do a poor job of network
> > > management. :(
> > >
> > > Keeping up with the bogons can be automated, see:
> > >
> > > <http://www.cymru.com/BGP/bogon-rs.html>
> > >
> > > --
> > > Rob Thomas
> > > http://www.cymru.com
> > > ASSERT(coffee != empty);
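
Added example, not part of the original message or of the drafts it discusses: the thread concludes that bogon groups, unlike bogon sources, end up in an access list, so this Python example derives that list as the complement of the assigned blocks within 224.0.0.0/4. The assigned-block sample is constructed, and the function names and the `deny group` / `permit group` output syntax are assumptions, not any router's configuration language.

```python
import ipaddress

MCAST_SPACE = ipaddress.ip_network("224.0.0.0/4")

# Constructed sample of assigned group blocks, for illustration only.
# A real filter must be built from the current IANA multicast registry.
SAMPLE_ASSIGNED = ["224.0.0.0/24", "224.0.1.0/24", "232.0.0.0/8",
                   "233.0.0.0/8", "239.0.0.0/8"]


def bogon_groups(assigned, space=MCAST_SPACE):
    """Return the collapsed CIDR list covering all of `space` not in `assigned`."""
    nets = [ipaddress.ip_network(a) for a in assigned]
    for net in nets:
        if not net.subnet_of(space):
            raise ValueError(f"{net} is not inside {space}")
    remaining = [space]
    # collapse_addresses merges adjacent and overlapping blocks, so each
    # collapsed block sits inside at most one remaining prefix.
    for net in ipaddress.collapse_addresses(nets):
        carved = []
        for block in remaining:
            if net.subnet_of(block):
                carved.extend(block.address_exclude(net))
            else:
                carved.append(block)
        remaining = carved
    return list(ipaddress.collapse_addresses(remaining))


def is_bogon_group(group, bogons):
    """True if a multicast group address falls in one of the bogon prefixes."""
    addr = ipaddress.ip_address(group)
    if addr not in MCAST_SPACE:
        raise ValueError(f"{group} is not an IPv4 multicast group")
    return any(addr in net for net in bogons)


def acl_lines(bogons):
    """Render a generic deny list (placeholder syntax, not any vendor's)."""
    return [f"deny group {net}" for net in bogons] + [f"permit group {MCAST_SPACE}"]


if __name__ == "__main__":
    print("\n".join(acl_lines(bogon_groups(SAMPLE_ASSIGNED))))
```

Regenerating the list whenever the assigned set changes and diffing it against the deployed filter gives the operator a reviewable change rather than a silent update.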



