On 05/01/2013 05:40 AM, Thomas Schmid wrote:
Joel,
On 30.04.2013 18:00, joel jaeggli wrote:
On 4/30/13 8:23 AM, Thomas Schmid wrote:
On 30.04.2013 17:07, Chris Boyd wrote:
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed to deliver any and all bits (Disregarding a DoS or similar situation which impedes said network)
2) Prefix filter - Don't be a party (at least in one direction) to the bad actors' traffic.
3 - Deliver all packets unless I've signed up for an enhanced security offering?
right - I see this really as something that should be decided at the edge of the internet (Tier2+) and not in the core.
You seem to have odd ideas about what it means to be a settlement free provider. Most of their customers are not smaller internet service providers.
I know what it means to be a customer of $LargeGlobalISPthatsellsTransittootherISPs since 1995 and I have *never* seen one of these guys blackholing single IPs on their own (and I'm not talking about RTB, botnet controllers that threaten to kill the internet etc.). Now since a few weeks we get regular complaints about this. So something has changed.
The sensitive approach would really be to make this an opt-in service for their customers and not a default service without opt-out option. In times of CGN and hundreds or thousands of websites behind one IP, blocking addresses is not the right answer to the phishing problem.
... or perhaps on an internet where many network owners block / police / throttle packets by source or destination, implementing CGN or stacking thousands of websites behind one IP address are poor solutions to the connectivity problem.
My only issue is the lack of information provided when blocks go into place. I would love to see networks provide information publicly that shows what is being blocked along with a description of why. A history that extends for a few days would be a bonus.
-DMM