On Tue, Oct 25, 2011 at 2:43 PM, Christopher Pilkington <cjp@0x1.net> wrote:
Is it common in the industry for a colocation provider, when requested to put an egress ACL facing us such as:
deny udp any a.b.c.d/24 eq 80
…to refuse and tell us we must subscribe to their managed DDOS product?
Christopher, That seems reasonable to me. You're buying colo and transit, not firewall service. If you want firewall service, that's extra. If you do decide to move, I suggest a carrier neutral facility so that you can change transit providers without moving your equipment. The easier it is for you to walk away, the more accommodating vendors tend to be. Seeing much port 80 UDP traffic? My curiosity is piqued. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004