Skip to main content

Home Bogon filtering

Bogon filtering

Bogon filtering definition

Bogon filtering is a technique used in computer networking to block bogus (hence “bogon”) IP addresses. These IP addresses have not been assigned to a host by an internet registry and should not appear in internet traffic.

See also: IP address blocking, ingress filtering

Bogon filtering methods

  • Static filtering involves creating a static (unchanging) list of all bogon IP addresses. Network devices like routers and firewalls can then use this list to block any traffic that originates from these addresses. However, the list can become outdated and requires periodic manual updates.
  • Dynamic filtering uses services that provide real-time lists of all unallocated IP addresses, i.e., current bogons. These services constantly update the list based on changes in IP address allocation. Network devices can receive regular updates from these services to maintain an accurate list for filtering. This method is more effective and reliable than static filtering as it accounts for real-time changes.

These techniques can be implemented in several ways depending on the network hardware and software. For example, access control lists (ACLs), firewall rules, and router configurations can be used for filtering.

Bogon filtering uses

  • Spoofing prevention. Bogon filtering helps prevent IP spoofing, where an attacker pretends to be a trusted system by using an IP address that is not theirs.
  • Improving network security. By blocking traffic from unassigned IP addresses, networks can prevent attacks and unauthorized activities.
  • Saving network resources. Bogon filtering can reduce unnecessary traffic, freeing up network resources for legitimate uses.