On Thu, Jul 23, 2015 at 6:25 AM, Justin M. Streiner <streiner@cluebyfour.org
wrote:
On Thu, 23 Jul 2015, Nicholas Warren wrote:
How will the customer know the ISP is blocking the traffic? Does the FCC
make ISPs disclose this information?
If a customer is legitimately trying to reach someone in one of the affected IP ranges and failing, at some point, they will either a) give up and try later, or b) contact their provider to try to find out what's going on.
If it's something widespread enough that the ISP's support line is blowing up with calls, I'd hope they would either put some sort of announcement on their website/support site/support line.
As with anything else in the ISP world, it's about striking an appropriate balance. If ISP X is getting hit with DDoS traffic hard enough to severely impact their business, that can warrant an emergency response, albeit likely a short-term/tactical response. If not, perhaps a more limited response is better. Again, each provider is free to run their network as they see fit.
The balance point can also change if downstream ISPs are involved, since ISP X might be making the decision to block or not block traffic for the downstreams, with or without their consent.
jms
I agree with you about balance. The issue is that for many of us, UDP floods / DDoS, is daily business. It is not an emergency when you have a baseline for UDP and police it. Or, you can careen from emergency to emergency. CB
On 07/22/2015 09:01 PM, Justin M. Streiner wrote:
You're certainly free to block whatever traffic you wish, but your customers might not appreciate a heavy-handed approach to stopping bad traffic at the gates.