How to Easily Memorize RFC3330
Written by Paul Stewart   
Saturday, 05 December 2009
 

RFC3330 is the list of bogons: IP address ranges that we should never see as source addresses on traffic coming into our networks.  It is also named in the CCIE Security Blueprint, so it is a topic we must be familiar with.  I would certainly read through all of the RFCs mentioned in the blueprint for general familiarity.  In the case of RFC3330, the address ranges cannot be looked up in the online DocCD, so it seems that some daunting memorization is necessary.  In reality there is not that much to memorize.  The problem is that the RFC lists the ranges in numeric order rather than grouping them in a logical way that is easy to remember.  Let's simplify this a bit.

 

The original list appears immediately below.  It is included only for completeness; the simplified view follows further down in the document.

 

   Address Block             Present Use                       Reference
   ---------------------------------------------------------------------
   0.0.0.0/8            "This" Network                 [RFC1700, page 4]
   10.0.0.0/8           Private-Use Networks                   [RFC1918]
   14.0.0.0/8           Public-Data Networks         [RFC1700, page 181]
   24.0.0.0/8           Cable Television Networks                    --
   39.0.0.0/8           Reserved but subject
                           to allocation                       [RFC1797]
   127.0.0.0/8          Loopback                       [RFC1700, page 5]
   128.0.0.0/16         Reserved but subject
                           to allocation                             --
   169.254.0.0/16       Link Local                                   --
   172.16.0.0/12        Private-Use Networks                   [RFC1918]
   191.255.0.0/16       Reserved but subject
                           to allocation                             --
   192.0.0.0/24         Reserved but subject
                           to allocation                             --
   192.0.2.0/24         Test-Net
   192.88.99.0/24       6to4 Relay Anycast                     [RFC3068]
   192.168.0.0/16       Private-Use Networks                   [RFC1918]
   198.18.0.0/15        Network Interconnect
                           Device Benchmark Testing            [RFC2544]
   223.255.255.0/24     Reserved but subject
                           to allocation                             --
   224.0.0.0/4          Multicast                              [RFC3171]
   240.0.0.0/4          Reserved for Future Use        [RFC1700, page 4]
That list is just too much to memorize, especially with everything else going on on lab day.  To simplify it, we need to regroup the addresses.

 

First of all, as CCIE Security candidates we all know the RFC1918 private address ranges:

 

10.0.0.0/8
192.168.0.0/16
172.16.0.0/12

 

The Autonet (link-local) address range is also very common and easy to remember:

 

169.254.0.0/16

 

We also know that Class D (multicast) and Class E (reserved for future use) should never be the source of any incoming traffic:

 

224.0.0.0/4

240.0.0.0/4

 

Next, list the first and last block of the Class A, Class B and Class C ranges (a /8, /16 and /24 respectively, matching each class's network size):

 

0.0.0.0/8

127.0.0.0/8 (also happens to be the loopback range)


128.0.0.0/16
191.255.0.0/16

192.0.0.0/24
223.255.255.0/24

 

So what does that leave to memorize?

 

14.0.0.0/8 -- Public Data Networks
24.0.0.0/8 -- Cable Television
39.0.0.0/8 -- Reserved
192.0.2.0/24 -- Test-Net
192.88.99.0/24 -- 6to4 Relay
198.18.0.0/15 -- Benchmark

 

I will not say that this is a completely trivial task, but it is necessary.  I would recommend understanding the groupings rather than memorizing addresses, with the exception of the last six ranges, which are pretty easy to memorize outright.  The first two come to mind very easily, and it is easy to add the third.  The only one I struggle with is 198.18.0.0/15.  Perhaps look them over one last time before you leave your hotel and write them down on paper as soon as you complete your OEQs.  If you are lucky enough to get a "configure RFC3330 on interface x" task, it could be some easy and quick points.  For me this is much easier than memorizing the whole list as laid out in the RFC.

If you found this document useful, please share it with your friends. 

If you have anything to add, please comment below.

Users' Comments (7)
Posted by JLee, on 20-12-2009 02:41,
How would you make this best effective access-list to deny them?

Posted by Paul Stewart, on 20-12-2009 08:45,
It could look something like this 
! RFC1918 
access-list 101 deny ip 10.0.0.0 0.255.255.255 any 
access-list 101 deny ip 192.168.0.0 0.0.255.255 any 
access-list 101 deny ip 172.16.0.0 0.15.255.255 any 
! auto net 
access-list 101 deny ip 169.254.0.0 0.0.255.255 any 
! class D 
access-list 101 deny ip 224.0.0.0 15.255.255.255 any 
! class E 
access-list 101 deny ip 240.0.0.0 15.255.255.255 any 
 
Continued to next post

Posted by Paul Stewart, on 20-12-2009 08:47,
! first and last of class a, b, c 
access-list 101 deny ip 0.0.0.0 0.255.255.255 any 
access-list 101 deny ip 127.0.0.0 0.255.255.255 any 
access-list 101 deny ip 128.0.0.0 0.0.255.255 any 
access-list 101 deny ip 191.255.0.0 0.0.255.255 any 
access-list 101 deny ip 192.0.0.0 0.0.0.255 any 
access-list 101 deny ip 223.255.255.0 0.0.0.255 any 
 
Continued to next post

Posted by Paul Stewart, on 20-12-2009 08:48,
! and then just those that we must memorize  
access-list 101 deny ip 14.0.0.0 0.255.255.255 any  
access-list 101 deny ip 24.0.0.0 0.255.255.255 any  
access-list 101 deny ip 39.0.0.0 0.255.255.255 any  
access-list 101 deny ip 192.0.2.0 0.0.0.255 any  
access-list 101 deny ip 192.88.99.0 0.0.0.255 any  
access-list 101 deny ip 198.18.0.0 0.1.255.255 any 
 
! then perhaps permit all else 
access-list 101 permit ip any any
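As an added example (not the author's code or part of the original post), the RFC3330 blocks from the article's table expressed with Python's ipaddress module: a lookup that reports which special-use block a source address falls into, the prefix-to-wildcard-mask conversion behind the ACL lines above, and a rendering of the full ACL. The sample source addresses are constructed for illustration.

```python
import ipaddress

# RFC3330 special-use blocks, exactly as listed in the article's table.
RFC3330_BLOCKS = [
    "0.0.0.0/8", "10.0.0.0/8", "14.0.0.0/8", "24.0.0.0/8", "39.0.0.0/8",
    "127.0.0.0/8", "128.0.0.0/16", "169.254.0.0/16", "172.16.0.0/12",
    "191.255.0.0/16", "192.0.0.0/24", "192.0.2.0/24", "192.88.99.0/24",
    "192.168.0.0/16", "198.18.0.0/15", "223.255.255.0/24",
    "224.0.0.0/4", "240.0.0.0/4",
]
NETWORKS = [ipaddress.ip_network(block) for block in RFC3330_BLOCKS]


def matching_block(src):
    """Return the RFC3330 block (as 'a.b.c.d/n') containing source
    address `src`, or None if the address is outside every block."""
    addr = ipaddress.ip_address(src)
    for net in NETWORKS:
        if addr in net:
            return str(net)
    return None


def wildcard_mask(prefix):
    """IOS wildcard mask for a prefix: the bitwise inverse of the
    subnet mask (e.g. /15 -> 0.1.255.255, /4 -> 15.255.255.255).
    ipaddress exposes exactly that value as `hostmask`."""
    return str(ipaddress.ip_network(prefix).hostmask)


def acl_lines(acl_num=101):
    """Render every block as an IOS extended-ACL deny statement,
    in table order, followed by the closing permit."""
    lines = [
        f"access-list {acl_num} deny ip {net.network_address} {net.hostmask} any"
        for net in NETWORKS
    ]
    lines.append(f"access-list {acl_num} permit ip any any")
    return lines


def flag_sources(sources):
    """Map each observed source address to the block it violates (or None)."""
    return {src: matching_block(src) for src in sources}


if __name__ == "__main__":
    # Constructed sample of inbound source addresses, not real traffic.
    sample = ["198.19.5.1", "8.8.8.8", "172.31.0.9", "172.32.0.1"]
    for src, block in flag_sources(sample).items():
        print(f"{src:16} -> {block or 'not special-use'}")
```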

Posted by Paul Stewart, on 20-12-2009 09:29,
Also worth mentioning, this is more of a CCIE Lab thing. In the real world, it might make more sense to use a different method that is more dynamic for bogon filtering. Some of the addresses in RFC3330 could actually be assigned. So the ACL matches the RFC, but is not necessarily appropriate for real world use. For other methods see the following URL. 
 
http://www.team-cymru.org/Services/Bogons/

Posted by shivlu jain, on 08-01-2010 08:00,
good trick :) 
 
regards 
shivlu jain 
http://www.mplsvpn.info

Posted by TacACK, on 03-02-2010 07:01,
This is just plain awesome! :)