[50569] in North American Network Operators' Group
Re: NSPs filter?
daemon@ATHENA.MIT.EDU (Chris Woodfield)
Mon Aug 5 09:09:34 2002
Date: Mon, 5 Aug 2002 09:05:28 -0400
From: Chris Woodfield <rekoil@semihuman.com>
To: Stephen Stuart <stuart@tech.org>
Cc: nanog@merit.edu
In-Reply-To: <200208050415.g754FQb58159@lo.tech.org>
Errors-To: owner-nanog-outgoing@merit.edu
--nFreZHaLTZJo0R7j
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I would filter only if the root server operator is complaining about=20
it...not to say I would do nothing; I would most definitely give the=20
customer a call and strongly advise them to set up a local resolver,=20
citing the volume of redundant traffic they're paying for...
-C
On Sun, Aug 04, 2002 at 09:15:26PM -0700, Stephen Stuart wrote:
>=20
> > IMO, Commercial ISPs should never filter customer packets unless
> > specifically requested to do so by the customer, or in response to a
> > security/abuse incident.
>=20
> Let's say the customer operates some big enterprise network, runs
> their infrastructure in RFC1918 space ("for security," hah), and spews
> a couple kilobits of DNS query from that RFC1918 space toward the root
> nameservers. Assume that either pride or ignorance will prevent the
> customer from ever asking you to filter what you know to be garbage
> traffic. Does your rule to "never filter customer packets" mean you're
> going to sit and watch those packets go by?
>=20
> If yes, why?
>=20
> Stephen
--nFreZHaLTZJo0R7j
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9TngYqP/YiunDNcERAs0IAKC/8GRvHlvwOUUX/3Ui6FZk2QcozwCg1c4h
r5eCxRrP7yrpeujo8i4x5cE=
=ga92
-----END PGP SIGNATURE-----
--nFreZHaLTZJo0R7j--
