On Sun, 17 Apr 2005, J.D. Falk wrote:
On 04/17/05, Randy Bush <randy@psg.com> wrote:
On my Cisco-based SP network with RPMs in MGX chassis acting as PEs: I have the ACL below applied on many network devices to block the common worms ports,
if you are a service provider, perhaps filtering in the core will not be appreciated by some customers. of course, as a provider, you can choose what 'service' you are providing. but, if you filter ports, it is not clear you are providing internet service.
In practice, it is nearly certain that your users won't care (or even notice) -- but grumpygeeks will argue about it anyway.
interesting... everytime we have filtered in the core we've gotten complaints, I believe many folks filtered/rate-limited in their cores for welchia/nachia and got bunches of complaints about it as well... Hrm, maybe all of these folks are just grumpy-geeks?