[145878] in North American Network Operators' Group
Re: Colocation providers and ACL requests
daemon@ATHENA.MIT.EDU (PC)
Tue Oct 25 15:08:47 2011
In-Reply-To: <5B2D20A1-AABF-409B-BE60-220732D5CAD6@0x1.net>
Date: Tue, 25 Oct 2011 13:07:36 -0600
From: PC <paul4004@gmail.com>
To: Christopher Pilkington <cjp@0x1.net>
Cc: NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Why not put the ACL on your ingress side at your switch or router?
I would typically not expect a colo provider to provide this service unless
I'm paying extra for it.
The smaller they are, the more likely they are to do so to keep you happy,
but I certainly wouldn't be asking this request unless it was some 11th hour
DOS-prevention request.
Even then, they may not want to install this ACL as ultimately they should
be billing you for this UDP traffic (which this ACL, may prevent their
billing system from metering).
On Tue, Oct 25, 2011 at 12:53 PM, Christopher Pilkington <cjp@0x1.net>wrote:
> On Oct 25, 2011, at 2:50 PM, Brandon Galbraith wrote:
>
> > On Tue, Oct 25, 2011 at 1:46 PM, Keegan Holley <
> keegan.holley@sungard.com>wrote:
> >
> >> Depends on the provider. Many just do not want to manage hundreds of
> >>
> > Conversely, some don't want to be paid for bare colocation (at bare
> > colocation prices) and have to then support 1000+ rules (yes, 1000+) with
>
> This is a large colo provider on the Upper West Side of Manhattan, so I
> (naively) expected more of them. It looks like this will be their final
> nail though.
>
> -cjp
>
>
>
