Bogon filtering is the practice of blocking packets known as bogons, which are ones sent to a

computer network A computer network is a collection of communicating computers and other devices, such as printers and smart phones. In order to communicate, the computers and devices must be connected by wired media like copper cables, optical fibers, or b ...

claiming to originate from invalid or bogus

IP address An Internet Protocol address (IP address) is a numerical label such as that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface i ...

es, known as bogon addresses.

Etymology

The term ''bogon'' stems from

hacker A hacker is a person skilled in information technology who achieves goals and solves problems by non-standard means. The term has become associated in popular culture with a security hackersomeone with knowledge of bug (computing), bugs or exp ...

jargon Jargon, or technical language, is the specialized terminology associated with a particular field or area of activity. Jargon is normally employed in a particular Context (language use), communicative context and may not be well understood outside ...

, with the earliest appearance in the

Jargon File The Jargon File is a glossary and usage dictionary of slang used by computer programmers. The original Jargon File was a collection of terms from technical cultures such as the MIT Computer Science and Artificial Intelligence Laboratory, MIT AI Lab ...

in version 1.5.0 (dated 1983). It is defined as the quantum of ''bogosity'', or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless. An alternative etymology suggests that 'bogon' derives from a portmanteau of "bogus logon", or a logon from a place you know no one can actually logon.

Types of bogon addresses

Areas of unallocated address space are called the bogon space. These are that are not in any range allocated the

Internet Assigned Numbers Authority The Internet Assigned Numbers Authority (IANA) is a standards organization that oversees global IP address allocation, Autonomous system (Internet), autonomous system number allocation, DNS root zone, root zone management in the Domain Name Syste ...

(IANA) or a regional Internet registry (RIR) for public internet use. Bogon IPs also include some address ranges from allocated space. For example, addresses reserved for private networks, such as those in , , and , loopback interfaces like and , and link-local addresses like and can be bogon addresses. Addresses for Carrier-grade NAT, Teredo, and 6to4 and documentation prefixes also fall into this category. IP packets using these as source addresses are sometimes known as Martian packets.

Blocking and filtering

Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental misconfiguration or malicious intent. Bogons can be filtered by using router access-control lists (ACLs), or by BGP blackholing.

Former bogon addresses

IP addresses in the bogon space may cease to be bogons because IANA frequently assigns new address. Announcements of new assignments are often published on network operators'

mailing list A mailing list is a collection of names and addresses used by an individual or an organization to send material to multiple recipients. Mailing lists are often rented or sold. If rented, the renter agrees to use the mailing list only at contra ...

s (such as NANOG) to ensure that bogon filtering can be removed for addresses that have become legitimate. For example, addresses in were not allocated prior to August 2010, but are now used by APNIC. , the Internet Engineering Task Force (IETF) recommends that, since there are no longer any unallocated IPv4 s, IPv4 bogon filters based on registration status should be removed. However, bogon filters still need to check for Martian packets.

References

External links