[101995] in North American Network Operators' Group
Re: Lessons from the AU model
daemon@ATHENA.MIT.EDU (Mark Newton)
Tue Jan 22 06:25:22 2008
Cc: nanog@merit.edu
From: Mark Newton <newton@internode.com.au>
To: Mikael Abrahamsson <swmike@swm.pp.se>
In-Reply-To: <alpine.DEB.1.00.0801220953230.27313@uplift.swm.pp.se>
Date: Tue, 22 Jan 2008 21:39:26 +1030
Errors-To: owner-nanog@merit.edu
On 22/01/2008, at 7:30 PM, Mikael Abrahamsson wrote:
> I am also hesitant regarding billing when a person is being DDOS:ed.
> How is that handled in .AU? I can see billing being done on outgoing
> traffic from the customer because they can control that, but what
> about incoming, the customer has only partial control over that.
It isn't hard. For a start, there are only one or two providers where
customers ever get excess bills, so we aren't really talking about
"billing when a person is being DDOS'ed", we're talking about "rate-
limiting
after a person has been DDOS'ed."
On the rare occasion when it happens, the ISPs who aren't bastards
are usually understanding enough to back out measurements which are
DDOS related. Whether or not your ISP is a bastard is one of the
factors you'd use to determine which ISP is offering a package that
fits your needs in a competitive environment.
In my observation, customers who are repeatedly DDOS'ed are usually
doing something to provoke it. I don't think I've ever seen an instance
where a DDOS'ed customer has had a repeat occurrance after that
datapoint
is illuminated for them.
- mark
--
Mark Newton Email: newton@internode.com.au
(W)
Network Engineer Email:
newton@atdot.dotat.org (H)
Internode Systems Pty Ltd Desk: +61-8-82282999
"Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223
