On 2/20/2020 10:41 AM, Dave Bell wrote:
Not indiscriminate.
Indiscriminate - done at random or without careful judgement.
Considering that Daniel is complaining that QUIC is broken, it certainly seems like some network operators are subjecting all UDP traffic on their network to the same policers. This feels pretty indiscriminate to me.
I'm all for policing the known baddies, such as CHARGEN and NTP, but to discard UDP for fun is like taking a sledgehammer where a scalpel will do.
Access networks need controls to maintain uptime against the non-stop barrage of DDoS attacks. I am sure you have seen the headlines and mails on this list; DDoS is hard to deal with. Access networks will use whatever tools are required to keep the pagers quiet and customers happy.
I operate an access network that does not blanket police UDP. Google gives me a dashboard that tells me 45% of requests were served happily by QUIC, and I have no customers complaining about things not working, and our pagers are silent.
Dave, just wanted to say that I 100% agree with your comments. The bad actors are well known. I believe treating all UDP as bad is misguided. Like you, I assist in the operation of several access networks that do not blanket police UDP and my pager remains relatively silent.