Re: Filtering RFC 1918

From: istong@stong.org
Date: Sun May 21 2006 - 10:14:56 ART

• Next message: Jai Prakash: "Re: OSPF question"
• Previous message: Koen Zeilstra: "prefer link in OSPF using multipoint FR interface"
• Maybe in reply to: Kashif Masood: "Filtering RFC 1918"
• Next in thread: Scott Morris: "RE: Filtering RFC 1918"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If you are going to filter outside of RFC1918 why not go all
the way and filter using the bogon list.
It includes RFC1918 plus addresses that have not been
assigned by ARIN and hence should not be
seen on your network. A good reference for more info is
http://www.cymru.com/Bogons/index.html

Thanks,

Ian
www.ccie4u.com

> Those three ranges are RFC1918.
>
> I personally would filter out host 0.0.0.0 and 127.0.0.0
> 0.255.255.255 as well. What does everyone think about
> think?
>
> On 5/21/06, Kashif Masood <kashifmasood27@hotmail.com>
> wrote: >
> > Thanks for your reply. So if we want to deny just the
> > RFC 1918 for 172.16.0.0 to 172.31.0.0
> >
> > the following line is correct.
> >
> > 172.16.0.0 0.15.255.255
> >
> > Can you please confirm
> >
> > Thanks
> >
> >
> >
> > >From: Marvin Greenlee <marvingreenlee@yahoo.com>
> > >To: Kashif Masood <kashifmasood27@hotmail.com>,
> > ccielab@groupstudy.com >Subject: Re: Filtering RFC 1918
> > >Date: Sat, 20 May 2006 23:21:20 -0700 (PDT)
> > >
> > >.15 as a wildcard mask says that you don't care about
> > >the last 4 bits. This means you are matching a group
> > >of 16. The group of 16 starts at a multiple of 16,
> > >which in this case is 16, so it would match 16 to 31.
> > >
> > >
> > >.31 as a wildcard mask says that you don't care about
> > >the last 5 bits. This means you are matching a group
> > >of 32. The group of 32 starts at a multiple of 32,
> > >which would be 0, and would cover 0 to 31 (excess
> > >overlap)
> > >
> > >
> > >--- Kashif Masood <kashifmasood27@hotmail.com> wrote:
> > >
> > > > Hi Team:
> > > >
> > > > This may be a very basic question, but I am confused
> > > > about which access-list
> > > > is right
> > > >
> > > > We know that the private address range is 172.16.0.0
> > > > 172.31.0.0 /12
> > > >
> > > > So if we have to filter RFC 1918 addresses, which
> > > > access-list is right
> > > >
> > > > access-list 10 deny 172.16.0.0 0.15.255.255
> > > >
> > > > or
> > > >
> > > > access-list 10 deny 172.16.0.0 0.31.255.255
> > > >
> > > > Your input will be highly appreciated.
> > > >
> > > > Thanks
> > > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Tired of spam? Yahoo! Mail has the best spam
> > protection around >http://mail.yahoo.com
> >
> >
> __________________________________________________________
> > _______ Is your PC infected? Get a FREE online computer
> > virus scan from McAfee. Security.
> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> > >
> __________________________________________________________
> > _____________ Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> __________________________________________________________
> _____________ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

_________________________________________

Check your Email accounts at MyEmail.com

Login from home, work, school. Anywhere!

• Next message: Jai Prakash: "Re: OSPF question"
• Previous message: Koen Zeilstra: "prefer link in OSPF using multipoint FR interface"
• Maybe in reply to: Kashif Masood: "Filtering RFC 1918"
• Next in thread: Scott Morris: "RE: Filtering RFC 1918"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART