[118047] in North American Network Operators' Group
Re: NEED Some HELP
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Sat Oct 10 05:21:39 2009
From: Roland Dobbins <rdobbins@arbor.net>
In-Reply-To: <16a26ba20910100212i2158e929peef59520613150c8@mail.gmail.com>
Date: Sat, 10 Oct 2009 16:24:35 +0700
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 10, 2009, at 4:12 PM, Bong Barnido wrote:
> I cannot ping the IP on my Cisco 6509 from the internet.
Quite out of the context of the connectivity issue you're trying to
troubleshoot, it's in fact extremely desirable to have your 6509 (and
all your routers, for that matter) unpingable from the outside your
own network. The BCP is to use iACLs, CoPP, et. al. to keep out all
unsolicited traffic headed to, as opposed to through (like traceroute,
pinging customer hosts, etc.), your network infrastructure.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Sorry, sometimes I mistake your existential crises for technical
insights.
-- xkcd #625
