[194726] in North American Network Operators' Group
Re: BCP38/84 and DDoS ACLs
daemon@ATHENA.MIT.EDU (valdis.kletnieks@vt.edu)
Fri May 26 13:54:39 2017
X-Original-To: nanog@nanog.org
From: valdis.kletnieks@vt.edu
X-Google-Original-From: Valdis.Kletnieks@vt.edu
To: Roland Dobbins <rdobbins@arbor.net>
In-Reply-To: <7BB753C8-7F99-4129-9E5B-97225866922B@arbor.net>
Date: Fri, 26 May 2017 13:54:28 -0400
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1495821268_2776P
Content-Type: text/plain; charset=us-ascii
On Sat, 27 May 2017 00:19:34 +0700, Roland Dobbins said:
> servers/services/applications/users you have, et. al. You may need one
> set of ACLs at the peering/transit edge, and other, more specific ACLs,
> at the IDC distribution gateway, customer aggregation gateway, et. al.
I'll go out on a limb and suggest that except for a very basic home/SOHO
network, "You may need" should be "You will probably need".
--==_Exmh_1495821268_2776P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Comment: Exmh version 2.8.0 04/21/2017
iQEVAwUBWShr1I0DS38y7CIcAQKuvgf/SONBAYb9q51t/qbr/Qxaf/eQEXqhVaNQ
BjTW2jBn0zEfyBt9a/K9W8sxxgYO5YPXshAeeKj/nEDhjzJAIboO9780JodoBjPZ
SE6jI2lqZE0ZbE1ir/tT1TJBdWeMSlEoGC4oKNxK56uRkU6BDxmlsrck9RaTmPOD
DVdfIGJ/ZC6jpX8rpebbI2b/VeU8E8tTylvgyXWymhjYWOyNhFvW6vlIRSJvfO4t
p5zKFa1tdIjsSJSFIsd8mtGiH9RdYC3lTNsJ0vPqNfiYJKJzd5RvhyNzbxuJPz56
s15Jjr19DuAQRfl5qcCoEavby6nUNsbq/7oRRSiyEN6Fs6HnorbJbQ==
=oC73
-----END PGP SIGNATURE-----
--==_Exmh_1495821268_2776P--
