I would filter only if the root server operator is complaining about it...not to say I would do nothing; I would most definitely give the customer a call and strongly advise them to set up a local resolver, citing the volume of redundant traffic they're paying for... -C On Sun, Aug 04, 2002 at 09:15:26PM -0700, Stephen Stuart wrote:
IMO, Commercial ISPs should never filter customer packets unless specifically requested to do so by the customer, or in response to a security/abuse incident.
Let's say the customer operates some big enterprise network, runs their infrastructure in RFC1918 space ("for security," hah), and spews a couple kilobits of DNS query from that RFC1918 space toward the root nameservers. Assume that either pride or ignorance will prevent the customer from ever asking you to filter what you know to be garbage traffic. Does your rule to "never filter customer packets" mean you're going to sit and watch those packets go by?
If yes, why?
Stephen