[32396] in North American Network Operators' Group
RE: ISPs as content-police or method-police
daemon@ATHENA.MIT.EDU (Hank Nussbacher)
Tue Nov 21 00:49:14 2000
Message-Id: <4.3.2.7.2.20001121073509.00add730@max.ibm.net.il>
Date: Tue, 21 Nov 2000 07:45:47 +0200
To: Roeland Meyer <rmeyer@mhsc.com>, "'Ben Browning'" <benb@oz.net>,
nanog@merit.edu
From: Hank Nussbacher <hank@att.net.il>
In-Reply-To: <47FE39302BF73B4C93BC84B87341282C1F14@condor.lvrmr.mhsc.com
>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
At 09:42 20/11/00 -0800, Roeland Meyer wrote:
>No, we cannot all agree to that. I cannot condone anyone else applying their
>ideology, by force or default, on someone else, unless specifically
>requested. As a downstream customer, the backbone is nearly unreachable from
>a services perspective. If CERFNET started to do port-filtering then the
>only means I (I assume that everyone here has sufficient clue to find my
>upstream) have to change that is to either sue CERFNET or start looking for
>an ISP that has a different backbone provider. CERFNET tech support will not
>even talk to second or third level customers. In essence, it eliminates the
>secondary re-seller market from contention. You risk getting sued, not only
>from the downstream customer, but your own downstream as well.
>
>The ONLY one that should be even dreaming about doing something like this is
>the direct upstream to the leaf nodes, and then ONLY with permission.
>Otherwise, no ports should ever be filtered by any transit provider.
Do you block traffic to broadcast addresses (inbound or outbound) -
.255? Do you rate limit (CAR) ICMP or SYNs at your border routers? If so,
you too are doing content filtering. Part of your AUP should be a full
disclosure of what you block or rate limit and then let the customer ask
for it to be opened.
Your definition of content filtering is just one of many. Any blocking of
*any* bit of IP data flow is some form of content filtering.
In the end it comes down to a subjective analysis of what each ISP
considers harmful traffic that can be used to disrupt their network. This
differs from true content filtering (sex, hate, terrorism, etc.) and should
therefore be renamed 'harmful network data' filtering.
-Hank
>By God, we PAY for open pipes and there are standard remedies when we don't
>get what we pay for.
