Time to add 2002::/16 to bogon filters?

• Subject: Time to add 2002::/16 to bogon filters?
• From: niels=nanog at bakker.net (Niels Bakker)
• Date: Tue, 19 Jun 2018 11:15:09 +0200
• In-reply-to: <[email protected]>
• References: <[email protected]> <[email protected]> <c[email protected]> <[email protected]>

* marka at isc.org (Mark Andrews) [Tue 19 Jun 2018, 01:35 CEST]:
>If you filter 2002::/16 then you are performing a denial-of-service 
>attack on the few sites that are still using it DELIBERATELY.

Find me one site with a competent admin that deliberately publishes 
2002::/16 in DNS.


>None of the problems required removing it from BGP.  There were end 
>sites that had firewalls that blocked 6to4 responses and the odd 
>site that ran a gateway and failed to properly manage it.  The rest 
>could have been dealt with by configuring more gateways.

Could.  But hasn't.  Right now it's merely a security risk.

People who used to run a gateway and competently managed it took them 
down years ago when they, being competent admins, realised the utility 
had run out.


	-- Niels.

• References:
  • Time to add 2002::/16 to bogon filters?
    • From: jtk at depaul.edu (John Kristoff)
  • Time to add 2002::/16 to bogon filters?
    • From: C-Mack.McBride at charter.com (McBride, Mack)
  • Time to add 2002::/16 to bogon filters?
    • From: marka at isc.org (Mark Andrews)

• Prev by Date: Time to add 2002::/16 to bogon filters?
• Next by Date: Time to add 2002::/16 to bogon filters?
• Previous by thread: Time to add 2002::/16 to bogon filters?
• Next by thread: Time to add 2002::/16 to bogon filters?
• Index(es):
  • Date
  • Thread