Todo #1441
closed
IPv4 bogons list is now static
0%
Description
Once the IPv4 bogons list is updated with the updates in http://redmine.pfsense.org/issues/1440, the ipv4 bogon list will become static. I.e. outside new RFCs which reserve specific chunks of ipv4 addresses for specific reasons (very unlikely to happen), this list will not change in the future.
Given that the list is now static, it may be time to consider removing the mechanism for updating the ipv4 bogons list.
Updated by Chris Buechler over 13 years ago
- Status changed from New to Closed
not going to remove it as it could possibly change though it most likely won't, and the same mechanism will be used for IPv6 bogons going forward.
Updated by Seth Mos about 13 years ago
Negative, some networks will remain is bogon networks regardless, if networks are returned to a RIR they might come back to the list, we could also switch to the non aggegrated variant which differs.
We already have the IPv6 bogons active in 2.1 so the process will remain regardless, and once every week or so is a perfectly fine interval. The IPv6 bogons is 360KB though. This because where a previous /8 was just ~65k /24 networks a single IPv6 /48 is already 65k networks which will be the common denominator.
A IPv6 /32 sounds like a great start but is really to coarse of a network mask that it wouldn't block insane amount of networks. Vice Versa it would allow too many networks. The current Bogon should basically be everything outside 2000::/3 and then include the Bogon file.