I'm hoping someone has had the same experiences, and is further toward a resolution on this than I am. About 6 months ago, we noticed that XO was blackholing one specific IP out of a /24. Traces to that IP stopped on XO's network, traces to anything else out of the block went through fine. XO finally admitted that they had a new security system that identifies suspicious traffic and automatically blocks the IP for 30 minutes. We had to get the IP in question "whitelisted" by their security guys. The traffic was all legit, it was just on a high port # that they considered suspicious. There have several more cases like this, and XO has not been forthcoming with information. We're either looking to be exempted from this filtering or at least get a detailed description of how the system works. I'm not sure how they think this is acceptable from a major transit provider. Anybody else had similar problems? Clayton Haydel