Bogon filtering

A bogon is an informal name for an IP packet on the public Internet that claims to be from an area of the IP address space reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated Internet registry. The areas of unallocated address space are called "bogon space".

The term "bogon" stems from hacker jargon, where it is defined as the quantum of "bogosity", or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless. [1]

Many ISPs and end user firewalls filter bogons, because they have no legitimate use, and are therefore the result of accidental or malicious misconfiguration at the sender. Bogons can be filtered by using router ACLs, or by BGP blackholing.

However, as IANA and other registries continue to allocate more of the IP address space, bogon filter lists need to be kept up to date, as otherwise newly legitimate areas of address space will be filtered.

See also

• Martian packet
• uRPF

External links

• The Team Cymru Bogon Reference Page -- secure templates for routers
• Why bogon filtering using BGP is useless