| 词条 | Bogon filtering |
| 释义 |
Bogon filtering is the practice of filtering bogons, which are bogus (fake) IP addresses of a computer network. Bogons include IP packets on the public Internet that contain addresses that are not in any range allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated regional Internet registry (RIR) and allowed for public internet use. The areas of unallocated address space are called the bogon space. Bogons also include reserved private address[1] and link-local address ranges, such as those in {{IPaddr|10.0.0.0|8}}, {{IPaddr|172.16.0.0|12}}, {{IPaddr|192.168.0.0|16}}, and {{IPaddr|169.254.0.0|16}}, which are reserved for private networks,[1] sometimes also known as Martian packets. Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental or malicious misconfiguration. Bogons can be filtered by using router access control lists (ACLs), or by BGP blackholing. IP addresses that are currently in the bogon space may not be bogons at a later date because IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network operators' mailing lists (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate. For example, addresses in {{IPaddr|49.0.0.0|8}} were not allocated prior to August 2010, but are now used by APNIC.[2] As time goes on, the IPv4 address exhaustion will mean there are fewer and fewer IPv4 bogons. IANA maintains a list of allocated and reserved IPv4 netblocks.[2] {{As of|2011|11}}, the IETF recommends that since there are no longer any unallocated IPv4 {{IPaddr||8}}s, bogon filters based on registration status should be removed.[3]However, bogon filters still need to check for Martians. EtymologyThe term bogon stems from hacker jargon, where it is defined as the quantum of bogosity, or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless. See also
References1. ^1 {{Cite IETF|rfc=1918|bcp=5|title=Address Allocation for Private Internets|author1=Y. Rekhter|author2=B. Moskowitz|author3=D. Karrenberg|author4=G. J. de Groot|author5=E. Lear|date=February 1996|publisher=Network Working Group}} Updated by RFC 6761. 2. ^1 {{cite web|url=http://www.iana.org/assignments/ipv4-address-space/ |title=IANA IPv4 Address Space Registry |accessdate=2010-03-18 |date=2010-02-22 |publisher=IANA }} 3. ^{{Cite IETF|rfc=6441|bcp=171|title=Time to Remove Filters for Previously Unallocated IPv4 /8s|author=L. Vegoda|publisher=IETF|date=November 2011|issn=2070-1721}} External links
2 : Computer jargon|Internet Protocol |
| 随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。