[45240] in North American Network Operators' Group
Re: traffic filtering
daemon@ATHENA.MIT.EDU (Stephen Griffin)
Thu Jan 24 12:04:37 2002
Message-Id: <200201241704.MAA00571@elektra.ultra.net>
In-Reply-To: <200201212253.RAA05576@elektra.ultra.net> from Stephen Griffin at "Jan 21, 2002 05:53:16 pm"
To: nanog@merit.edu
Date: Thu, 24 Jan 2002 12:04:04 -0500 (EST)
From: Stephen Griffin <stephen.griffin@rcn.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Thank you all for your responses public and private. About 4 respondents
stated they do filter (traffic) on /24 network/broadcast boundaries.
It appears that microsoft boxes may have some issues due to bugs in their
networking code. I'm going to attempt to address those with Microsoft.
In response to my queries, none of the respondents stated why rate-limitting
certain icmp message types would not be sufficient to all-out filtering.
The prevalent supporting argument was that old or buggy gear may have
trouble with addresses ending in ".0" or ".255", and that others filter.
Several folks mentioned sizable providers that do allocate addresses
with ".0" and ".255" (some were mentioned privately, so I'll omit those)
to include mediaone and aol.
How folks choose to filter is their own business, but I would respectfully
request that consideration be made into alternatives that address their
needs while encouraging vlsm, and connectivity for legitimate ip addresses.
Thank you all,
Stephen
