Bogon filtering
Encyclopedia
A bogon is a bogus IP address, and an informal name for an IP
packet on the public Internet
that claims to be from an area of the IP address space
reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority
(IANA) or a delegated Regional Internet Registry
(RIR). The areas of unallocated address space are called the bogon space.
Bogons are not the same as reserved private address
ranges, such as those in
Many ISP
s and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental or malicious misconfiguration. Bogons can be filtered by using router ACL
s, or by BGP blackholing
.
IP address
es that are bogon today may not be bogon tomorrow. IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network
operators' mailing list
s (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate.
For example, addresses in
IANA maintains a list of allocated and reserved IPv4 netblocks.
As of November 2011, the IETF recommends that all bogon filters are removed as all /8 netblocks have been assigned. This is document in BCP171 (RFC6441).
, where it is defined as the quantum
of bogosity, or the property of being bogus
. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless: see "Quantum bogodynamics".
The term bogon in the US is pronounced about the same way as bogan
is in Australia. The Australian term is often used to describe people of lower socioeconomic status, similar to the term redneck
that is used in the US. The University of Melbourne was one of the first locations to start filtering the unallocated IP addresses because of their high costs of international traffic and it appears that bogon may have derived from conversations between network administrators on different sides of the TransPacific Internet link.
Internet Protocol
The Internet Protocol is the principal communications protocol used for relaying datagrams across an internetwork using the Internet Protocol Suite...
packet on the public Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
that claims to be from an area of the IP address space
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority
Internet Assigned Numbers Authority
The Internet Assigned Numbers Authority is the entity that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System , media types, and other Internet Protocol-related symbols and numbers...
(IANA) or a delegated Regional Internet Registry
Regional Internet Registry
A regional Internet registry is an organization that manages the allocation and registration of Internet number resources within a particular region of the world...
(RIR). The areas of unallocated address space are called the bogon space.
Bogons are not the same as reserved private address
Reserved IP addresses
In the Internet addressing architecture, certain IP addresses are reserved by the Internet Assigned Numbers Authority for special use. These addresses may be necessary for maintenance of routing tables, multicast, or operation under failure modes....
ranges, such as those in
10.0.0.0/8 and 192.168.0.0/16, which are reserved for private networks.Many ISP
Internet service provider
An Internet service provider is a company that provides access to the Internet. Access ISPs directly connect customers to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and host other people servers...
s and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental or malicious misconfiguration. Bogons can be filtered by using router ACL
Access control list
An access control list , with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject...
s, or by BGP blackholing
Black hole (networking)
In networking, black holes refer to places in the network where incoming traffic is silently discarded , without informing the source that the data did not reach its intended recipient....
.
IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
es that are bogon today may not be bogon tomorrow. IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
operators' mailing list
Mailing list
A mailing list is a collection of names and addresses used by an individual or an organization to send material to multiple recipients. The term is often extended to include the people subscribed to such a list, so the group of subscribers is referred to as "the mailing list", or simply "the...
s (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate.
For example, addresses in
49.0.0.0/8 were not allocated prior to August 2010, but are now used by APNIC. As time goes on, the IPv4 address exhaustion will mean there are fewer and fewer IPv4 bogons.IANA maintains a list of allocated and reserved IPv4 netblocks.
As of November 2011, the IETF recommends that all bogon filters are removed as all /8 netblocks have been assigned. This is document in BCP171 (RFC6441).
Etymology
The term bogon stems from hacker jargonJargon
Jargon is terminology which is especially defined in relationship to a specific activity, profession, group, or event. The philosophe Condillac observed in 1782 that "Every science requires a special language because every science has its own ideas." As a rationalist member of the Enlightenment he...
, where it is defined as the quantum
Quantum
In physics, a quantum is the minimum amount of any physical entity involved in an interaction. Behind this, one finds the fundamental notion that a physical property may be "quantized," referred to as "the hypothesis of quantization". This means that the magnitude can take on only certain discrete...
of bogosity, or the property of being bogus
Bogus
Bogus may refer to:*Bogus , a 1996 film starring Whoopi Goldberg* Bogus Basin mountain resort in Idaho*Mr. Bogus, a 1992 animation-See also:*BogoMips*Bogon *Bogosort*Bill & Ted's Bogus Journey...
. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless: see "Quantum bogodynamics".
The term bogon in the US is pronounced about the same way as bogan
Bogan
The term bogan is Australian slang, usually pejorative or self-deprecating, for an individual who is recognised to be from a lower class background or someone whose limited education, speech, clothing, attitude and behaviour exemplifies such a background....
is in Australia. The Australian term is often used to describe people of lower socioeconomic status, similar to the term redneck
Redneck
Redneck is a historically derogatory slang term used in reference to poor, uneducated white farmers, especially from the southern United States...
that is used in the US. The University of Melbourne was one of the first locations to start filtering the unallocated IP addresses because of their high costs of international traffic and it appears that bogon may have derived from conversations between network administrators on different sides of the TransPacific Internet link.
External links
- IANA IPv4 Address Space
- RFC 1918 – "Address Allocation for Private Internets"
- The Team Cymru Bogon Reference Page
- Bogons Ate My Website
- Bogon traffic analysis report, netflow and spam analysis
- RIPE NCC: De-Bogonising New Address Blocks