
<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Correct - I was mostly referring to the unallocated yet public space (the 11 remaining /8s that are currently "bogon") that will most likely be allocated and then not bogon within the next 12 months (probably much sooner).  If you're manually updating your bogon filters, most likely you'll run into problems like this (I have when we were still blocking 2.0.0.0/8).<div><br><div>If you want to get really fancy you can just use this list instead - <a href="http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt">http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt</a> (though I would only use such a list if I was automatically updating my bogon filters)<div><br><div><div>On Nov 17, 2010, at 12:02 PM, Richard Chiswell wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>Well, it's worth blocking<br>0.0.0.0/8, 10.0.0.0/8, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.168.0.0/16<br>as those ranges shouldn't appear on the public intertubes. [ <a href="http://www.rfc-editor.org/rfc/rfc3330.txt">http://www.rfc-editor.org/rfc/rfc3330.txt</a> ]<br><br>Rich<br><br>On 17/11/2010 16:56, Chris Cook wrote:<br><blockquote type="cite">Just as a friendly FYI - your bogon filter should probably match this: <a href="http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt">http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt</a> (and realistically you might as well not block most of that since it will all be allocated within the next 12 months).<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">On Nov 17, 2010, at 9:04 AM, Tollef Fog Heen wrote:<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite"><blockquote type="cite">]] Ivan Dario Diaz<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">| I have tested several IP's of Redpill Linpro AS (it seems like your<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">| Hosting Provider) and mostly of them works, but varnish related (deb<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">| trac planet www) IP's doesn't work. As you know there are a huge of<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">| users in amazon EC2 using Varnish. It will be a problem to all of them.<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">|<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">| I'm not saying that the blocking is in your servers. But all my tests<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">| appoint to that. Please help us with that.<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">Indeed, our firewall had the Ťblock bogon networksť turned on, and it<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">seems like the list hadn't been updated in a while.  I've fixed this<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">now.<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">-- <br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">Tollef Fog Heen<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">Varnish Software<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">t: +47 21 98 62 64<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">_______________________________________________<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite">varnish-misc mailing list<br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><a href="mailto:varnish-misc@varnish-cache.org">varnish-misc@varnish-cache.org</a><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><a href="http://lists.varnish-cache.org/mailman/listinfo/varnish-misc">http://lists.varnish-cache.org/mailman/listinfo/varnish-misc</a><br></blockquote></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">_______________________________________________<br></blockquote><blockquote type="cite">varnish-misc mailing list<br></blockquote><blockquote type="cite"><a href="mailto:varnish-misc@varnish-cache.org">varnish-misc@varnish-cache.org</a><br></blockquote><blockquote type="cite"><a href="http://lists.varnish-cache.org/mailman/listinfo/varnish-misc">http://lists.varnish-cache.org/mailman/listinfo/varnish-misc</a><br></blockquote><br><br>_______________________________________________<br>varnish-misc mailing list<br><a href="mailto:varnish-misc@varnish-cache.org">varnish-misc@varnish-cache.org</a><br>http://lists.varnish-cache.org/mailman/listinfo/varnish-misc<br></div></blockquote></div><br></div></div></div></body></html>