Andre Chapuis writes: > Dear all, > As requested during my presentation, you can find below our current prefix-list.
Here's our standard prefix filter list, including some explanatory comments. We use it on all peerings with the exception of some research networks (where some organizations use more-specifics in an attempt to separate "research" from "commodity" traffic). !!! Prefix list "martians" !!! Match prefixes that people should *not* announce to us. !!! To be used in a "deny" stance of an ingress route-map !!! !!! Date Created: 21-Nov-2001 !!! RCS $Header: /common/cisco/config/pfl/RCS/pf-martians,v 1.24 2003/12/10 12:22:09 leinen Exp $ !!! no ip prefix-list martians !!! !!! The following list is currently *not* used, but since it is the !!! "mother" of the lists below, I mention it anyway. It contains the !!! IANA assignment status of every 256 /8 block in the IPv4 space: !!! !!! http://www.iana.org/assignments/ipv4-address-space !!! !!! In principle, one could filter out all "IANA - Reserved" and "IANA !!! - Multicast" blocks altogether. !!! !! Special-use address blocks !! - http://www.isi.edu/~bmanning/dsua.html !! - draft-iana-special-ipv4-05.txt ip prefix-list martians seq 10 permit 0.0.0.0/8 ip prefix-list martians seq 20 permit 10.0.0.0/8 le 32 ip prefix-list martians seq 30 permit 127.0.0.0/8 ip prefix-list martians seq 40 permit 169.254.0.0/16 le 32 ip prefix-list martians seq 50 permit 172.16.0.0/12 le 32 ip prefix-list martians seq 60 permit 192.0.2.0/24 le 32 ip prefix-list martians seq 70 permit 192.168.0.0/16 le 32 ip prefix-list martians seq 80 permit 224.0.0.0/3 le 32 !! !! Exceptions for KPNQwest CH !! !! They were put in in June 2002, to allow painless renumbering for !! former KPNQwest CH customers who were surprised by their suspension !! of operations. !! !! **** THESE SHOULD BE REMOVED IN JUNE 2003 **** !! ip prefix-list martians seq 100 deny 195.48.0.0/16 le 24 ip prefix-list martians seq 110 deny 195.49.0.0/17 le 24 !! RIPE - http://www.ripe.net/ripe/docs/smallest-alloc-sizes.html !! see also: !! ftp://ftp.ripe.net/ripe/stats/issued/ !! ftp://ftp.ripe.net/pub/stats/ripencc/new/delegated-ripencc-latest ip prefix-list martians seq 200 deny 62.0.0.0/8 ge 9 le 19 ip prefix-list martians seq 210 deny 80.0.0.0/7 ge 9 le 20 !! Note that 83.0.0.0/8 and 84.0.0.0/8 have only just been allocated !! to RIPE, but there haven't been any allocations to LIRs, nor are !! these ranges even mentioned in RIPE's smallest-alloc-sizes.html. !! So the prefix length ranges here are just guesstimates. !! News: In <[EMAIL PROTECTED]>, Leo Vegoda from RIPE !! NCC posted to the NANOG list that RIPE will probably start !! allocating /21s from the new ranges. ip prefix-list martians seq 215 deny 82.0.0.0/8 ge 9 le 20 ip prefix-list martians seq 217 deny 83.0.0.0/8 ge 9 le 21 ip prefix-list martians seq 218 deny 84.0.0.0/8 ge 9 le 21 ip prefix-list martians seq 220 deny 193.0.0.0/8 ge 9 le 24 ip prefix-list martians seq 230 deny 194.0.0.0/8 ge 9 le 24 ip prefix-list martians seq 260 deny 195.0.0.0/8 ge 9 le 20 ip prefix-list martians seq 270 deny 212.0.0.0/7 ge 9 le 19 ip prefix-list martians seq 280 deny 217.0.0.0/8 ge 9 le 20 !! APNIC - http://www.apnic.net/db/min-alloc.html !! information on actual allocations: !! http://ftp.apnic.net/stats/apnic/new/delegated-apnic-latest !! more information about allocated ranges: !! http://www.apnic.net/db/ranges.html ip prefix-list martians seq 300 deny 60.0.0.0/7 ge 9 le 20 ip prefix-list martians seq 310 deny 202.0.0.0/7 le 24 ip prefix-list martians seq 320 deny 210.0.0.0/7 ge 9 le 20 ip prefix-list martians seq 340 deny 218.0.0.0/7 ge 9 le 20 ip prefix-list martians seq 350 deny 220.0.0.0/6 ge 9 le 20 !! ARIN - http://www.arin.net/statistics/index.html#cidr ip prefix-list martians seq 400 deny 24.0.0.0/8 le 20 ip prefix-list martians seq 410 deny 63.0.0.0/8 ge 9 le 19 ip prefix-list martians seq 420 deny 64.0.0.0/6 ge 9 le 20 ip prefix-list martians seq 430 deny 68.0.0.0/7 ge 9 le 20 ip prefix-list martians seq 440 deny 196.0.0.0/8 ge 9 le 24 ip prefix-list martians seq 450 deny 198.0.0.0/7 ge 9 le 24 ip prefix-list martians seq 470 deny 204.0.0.0/6 ge 9 le 24 ip prefix-list martians seq 480 deny 208.0.0.0/7 ge 9 le 20 ip prefix-list martians seq 490 deny 216.0.0.0/8 ge 9 le 20 !! LACNIC - http://www.lacnic.net/en/ipv4.html ip prefix-list martians seq 500 deny 200.0.0.0/8 ge 9 le 24 ip prefix-list martians seq 510 deny 201.0.0.0/8 ge 9 le 20 ! "Swamp" ip prefix-list martians seq 550 deny 192.0.0.0/8 ge 10 le 24 ! Fall-through for undocumented ranges of historical Class A/B/C space ip prefix-list martians seq 600 deny 0.0.0.0/1 ge 8 le 19 ip prefix-list martians seq 610 deny 128.0.0.0/2 ge 8 le 19 ip prefix-list martians seq 620 deny 192.0.0.0/3 ge 10 le 19 ! Parts of 195.0.0.0/8 that include PI assignments ! see: http://www.ripe.net/ripencc/mem-services/general/allocs4.html ! (under eu.zz) ip prefix-list martians seq 700 deny 195.7.0.0/19 le 24 ip prefix-list martians seq 701 deny 195.13.32.0/19 le 24 ip prefix-list martians seq 702 deny 195.20.96.0/19 le 24 ip prefix-list martians seq 703 deny 195.22.128.0/19 le 24 ip prefix-list martians seq 704 deny 195.24.64.0/19 le 24 ip prefix-list martians seq 705 deny 195.26.0.0/19 le 24 ip prefix-list martians seq 706 deny 195.35.64.0/18 le 24 ip prefix-list martians seq 707 deny 195.38.0.0/19 le 24 ip prefix-list martians seq 708 deny 195.39.192.0/18 le 24 ip prefix-list martians seq 709 deny 195.42.224.0/19 le 24 ip prefix-list martians seq 710 deny 195.43.32.0/19 le 24 ip prefix-list martians seq 711 deny 195.46.32.0/19 le 24 ip prefix-list martians seq 712 deny 195.47.192.0/18 le 24 ip prefix-list martians seq 713 deny 195.49.128.0/17 le 24 ip prefix-list martians seq 714 deny 195.66.0.0/19 le 24 ip prefix-list martians seq 715 deny 195.68.192.0/18 le 24 ip prefix-list martians seq 716 deny 195.69.64.0/18 le 24 ip prefix-list martians seq 717 deny 195.69.128.0/17 le 24 ip prefix-list martians seq 718 deny 195.72.96.0/19 le 24 ip prefix-list martians seq 719 deny 195.78.32.0/19 le 24 ip prefix-list martians seq 720 deny 195.80.224.0/19 le 24 ip prefix-list martians seq 721 deny 195.85.192.0/18 le 24 ip prefix-list martians seq 722 deny 195.128.32.0/19 le 24 ip prefix-list martians seq 723 deny 195.128.96.0/19 le 24 ip prefix-list martians seq 724 deny 195.128.160.0/19 le 24 ip prefix-list martians seq 725 deny 195.128.224.0/19 le 24 ip prefix-list martians seq 726 deny 195.135.192.0/18 le 24 ip prefix-list martians seq 727 deny 195.137.192.0/18 le 24 ip prefix-list martians seq 728 deny 195.140.128.0/17 le 24 ip prefix-list martians seq 729 deny 195.149.64.0/18 le 24 ip prefix-list martians seq 730 deny 195.149.192.0/18 le 24 ip prefix-list martians seq 731 deny 195.177.64.0/18 le 24 ip prefix-list martians seq 732 deny 195.177.192.0/18 le 24 ip prefix-list martians seq 733 deny 195.190.128.0/19 le 24 ip prefix-list martians seq 734 deny 195.190.224.0/19 le 24 ip prefix-list martians seq 735 deny 195.206.96.0/19 le 24 ip prefix-list martians seq 736 deny 195.214.192.0/18 le 24 ip prefix-list martians seq 737 deny 195.225.32.0/19 le 24 ip prefix-list martians seq 738 deny 195.225.64.0/18 le 24 ip prefix-list martians seq 739 deny 195.225.128.0/17 le 24 ip prefix-list martians seq 740 deny 195.234.128.0/17 le 24 ip prefix-list martians seq 741 deny 195.242.224.0/19 le 24 ip prefix-list martians seq 742 deny 195.245.192.0/18 le 24 ip prefix-list martians seq 743 deny 195.246.192.0/19 le 24 ip prefix-list martians seq 19999 permit 0.0.0.0/0 le 32 end -- Simon Leinen [EMAIL PROTECTED] SWITCH http://www.switch.ch/misc/leinen/ Computers hate being anthropomorphized. ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
