[62591] in North American Network Operators' Group
RE: Providers removing blocks on port 135?
daemon@ATHENA.MIT.EDU (Matthew Kaufman)
Fri Sep 19 13:16:28 2003
From: "Matthew Kaufman" <matthew@eeph.com>
To: "'Owen DeLong'" <owen@delong.com>,
"'Jack Bates'" <jbates@brightok.net>,
"'Adam Hall'" <Adam.Hall@networktelephone.net>
Cc: <nanog@nanog.org>
Date: Fri, 19 Sep 2003 10:14:43 -0700
In-Reply-To: <2147483647.1063965772@imac-en0.delong.sj.ca.us>
Errors-To: owner-nanog-outgoing@merit.edu
I agree entirely with this. You shouldn't call yourself an ISP unless you
can transport the whole Internet, including those "bad Microsoft ports",
between the world and your customers.
On the other hand, what's a provider to do when their access hardware can't
deal with a pathological set of flows or arp entries? There isn't a good
business case to forklift out your DSLAMs and every customer's matching CPE
when a couple of ACLs will fix the problem. For that matter, there isn't a
very good business case for transporting Nachi's ICMP floods across an
international backbone network when you can do a bit of rate-limiting and
cut your pipe requirements by 10-20%.
Matthew Kaufman
matthew@eeph.com
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On
> Behalf Of Owen DeLong
> Sent: Friday, September 19, 2003 10:03 AM
> To: Jack Bates; Adam Hall
> Cc: 'nanog@nanog.org'
> Subject: Re: Providers removing blocks on port 135?
>
>
>
> FWIW, my opinion is that blocking this at the customer edge
> per customer request is fine. Any other blocking by an ISP
> is damage and should be routed around like any other internet damage.
>
> Owen
>
