[145889] in North American Network Operators' Group
Re: Colocation providers and ACL requests
daemon@ATHENA.MIT.EDU (Paul Graydon)
Tue Oct 25 20:16:26 2011
Date: Tue, 25 Oct 2011 14:15:19 -1000
From: Paul Graydon <paul@paulgraydon.co.uk>
To: nanog@nanog.org
In-Reply-To: <B671B0C8-45EA-40A6-A7C9-0EB2C217B1C7@0x1.net>
X-SA-Exim-Mail-From: paul@paulgraydon.co.uk
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 10/25/2011 08:43 AM, Christopher Pilkington wrote:
> Is it common in the industry for a colocation provider, when requested to put an egress ACL facing us such as:
>
> deny udp any a.b.c.d/24 eq 80
>
> …to refuse and tell us we must subscribe to their managed DDOS product?
>
> -cjp
>
>
For colo? No, filtering is the customers concern, unless failure to do
so is causing a problem for the colo network. Such services are almost
always paid for add-ons to a colo package. The colocation business is
usually fairly low on the profit margin with most companies trying to
get away with the bare minimum possible over and above the basics.
