Bogon filtering

A bogon is a bogus IP address, and an informal name for an IP packet on the public Internet that claims to be from an area of the IP address space reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated Regional Internet Registry (RIR). The areas of unallocated address space are called the bogon space.

Bogons are not the same as reserved private address ranges, such as those in 10.0.0.0/8 and 192.168.0.0/16, which are reserved for private networks.^[1]

Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental or malicious misconfiguration. Bogons can be filtered by using router ACLs, or by BGP blackholing.

IP addresses that are bogon today may not be bogon tomorrow. IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network operators' mailing lists (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate.

For example, addresses in 49.0.0.0/8 were not allocated prior to August 2010, but are now used by APNIC.^[2] As time goes on, the IPv4 address exhaustion will mean there are fewer and fewer IPv4 bogons.

IANA maintains a list of allocated and reserved IPv4 netblocks.^[2]

Etymology

The term bogon stems from hacker jargon, where it is defined as the quantum of bogosity, or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless: see "Quantum bogodynamics".^[3]

The term bogon in the US is pronounced about the same way as bogan is in Australia. The Australian term is often used to describe people of lower socioeconomic status, similar to the term redneck that is used in the US. The University of Melbourne was one of the first locations to start filtering the unallocated IP addresses^{[citation needed]} because of their high costs of international traffic and it appears that bogon may have derived from conversations between network administrators on different sides of the TransPacific Internet link.

See also

• Martian packet
• Reverse path forwarding
• IP hijacking

References

1. ^ Rekhter (February, 1996), "Address Allocation for Private Internets" (txt), Network Working Group, http://www.ietf.org/rfc/rfc1918.txt, retrieved 2010-03-18 
2. ^ ^{a b} "IANA IPv4 Address Space Registry". IANA. 2010-02-22. http://www.iana.org/assignments/ipv4-address-space/. Retrieved 2010-03-18. 
3. ^ "bogon - The Jargon File". Retrologic Systems Online Jargon File. http://www.retrologic.com/jargon/B/bogon.html. Retrieved 2010-03-18. 

External links

• IANA IPv4 Address Space
• RFC 1918 – "Address Allocation for Private Internets"
• The Team Cymru Bogon Reference Page
• Bogons Ate My Website
• Bogon traffic analysis report, netflow and spam analysis
• RIPE NCC: De-Bogonising New Address Blocks