BOGONs Part II

IANA has allocated several new blocks of IPv4 space over the last few months. Rather than provide you with individual updates I'm going to provide an aggregated list of IP space you should be filtering at the ingress points in your network. Recall from the previous article that BOGON filtering filters traffic originating from IP space that should NOT be seen on the internet. The aggregated list is below:

0.0.0.0/8 <- RFC 1122
10.0.0.0/8 <- RFC 1918
39.0.0.0/8 <- UNALLOCATED
102.0.0.0/7 <- UNALLOCATED
104.0.0.0/8 <- UNALLOCATED
106.0.0.0/8 <- UNALLOCATED
127.0.0.0/8 <- RFC 1122
169.254.0.0/16 <- RFC 3927
172.16.0.0/12 <- RFC 1918
179.0.0.0/8 <- UNALLOCATED
185.0.0.0/8 <- UNALLOCATED
192.0.0.0/24 <- RFC 5736
192.0.2.0/24 <- RFC 5737
192.168.0.0/16 <- RFC 1918
198.18.0.0/15 <- RFC 2544
198.51.100.0/24 <- RFC 5737
203.0.113.0/24 <- RFC 5737
224.0.0.0/3 <- RFC 3171 and RFC 1112

Make sure you update your BOGON filters on a regular basis as they regularly change. It is important to note that their are only SEVEN /8 allocations remaining. This means only TWO more /8 allocations will be handed out before the remaining FIVE /8 allocations will be allocated to each of the FIVE Regional Internet Registries according to global allocation policy. What this means is that IPv4 exhaustion with IANA will be here VERY VERY soon. I hope you all have been planning for IPv6. :)