[104551] in North American Network Operators' Group


[NANOG] Limiting ICMP

daemon@ATHENA.MIT.EDU (Drew Weaver)
Sat May 17 23:54:08 2008

From: Drew Weaver <drew.weaver@thenap.com>
To: "Nanog@merit.edu" <Nanog@merit.edu>
Date: Sat, 17 May 2008 23:53:00 -0400
Errors-To: nanog-bounces@nanog.org

Hi there,

I'm wondering if anyone else has run into this/has heard of/(is responsible for)/knows the reason behind large IP providers limiting ICMP on outbound connections to the same amounts regardless of the size of the circuit?

Apparently after one of our upstream providers switched to Juniper for some of their equipment, their engineers recommended that they limit ICMP on all customer facing connections to 5mbps. I understand that preventing DDoS is important but why A) would they apply the same rule to our OC-48 that they apply to someone else's T1/DS-3 and B) why is that a requirement for Juniper gear?

(do people still DDoS with ICMP these days? I see a lot of what looks like udp.pl and hardly any ICMP attack traffic anymore)

Sorry as usual if I'm off-topic.

-Drew

_______________________________________________
NANOG mailing list
NANOG@nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog
