Bogon filtering is the practice of blocking packets known as bogons, which are ones sent to a computer network claiming to originate from invalid or bogus , known as bogon addresses.
Etymology
The term
bogon stems from hacker
jargon, with the earliest appearance in the
Jargon File in version 1.5.0 (dated 1983).
It is defined as the
quantum of
bogosity, or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless. An alternative etymology suggests that 'bogon' derives from a portmanteau of "bogus logon", or a logon from a place you know no one can actually logon.
Types of bogon addresses
Areas of unallocated address space are called the
bogon space. These are addresses that are not in any range allocated the Internet Assigned Numbers Authority (IANA) or a regional Internet registry (RIR) for public internet use.
Bogon IPs also include some address ranges from allocated space. For example, addresses reserved for private networks, such as those in , , and , loopback like and , and link-local addresses like and can be bogon addresses. Addresses for Carrier-grade NAT, Teredo tunneling, and 6to4 and documentation prefixes also fall into this category.
Blocking and filtering
Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental misconfiguration or malicious intent. Bogons can be filtered by using router access-control lists (ACLs), or by
BGP blackholing.
Former bogon addresses
IP addresses in the bogon space may cease to be bogons because IANA frequently assigns new address. Announcements of new assignments are often published on
Computer network operators'
(such as NANOG) to ensure that bogon filtering can be removed for addresses that have become legitimate. For example, addresses in were not allocated prior to August 2010, but are now used by
APNIC.
, the Internet Engineering Task Force (IETF) recommends that, since there are no longer any unallocated IPv4 s, IPv4 bogon filters based on registration status should be removed.
However, bogon filters still need to check for .
See also
-
Reverse-path forwarding
-
IP hijacking
-
IP address spoofing
-
Ingress filtering
-
Internet background noise
External links
