I tend to disagree somewhat, you really have to put some context around the request and convey that to your provider. If the request is "please help me block this DDoS traffic so that I can contact the source as it's impacting my ability to do business" I think that is a reasonable request as long as it's not a permanent solution. I have worked through similar incidents in some datacenter in Northern Virginia (Sterling, Ashburn) and all of them accommodated that request at no cost. -- Michael Gatti ekim.ittag@gmail.com On Oct 27, 2011, at 8:09 PM, James Ashton wrote:
Christopher, This is pretty common policy. Not many datacenters of any size is going to act differently. If you don't purchase this service then you will not get the service.
They may be willing work work with you on black-holing problem IPs though. This is pretty common, but don't expect a filtering package without purchasing it.
James
----- Original Message ----- From: "Christopher Pilkington" <cjp@0x1.net> To: "NANOG mailing list" <nanog@nanog.org> Sent: Tuesday, October 25, 2011 2:43:00 PM Subject: Colocation providers and ACL requests
Is it common in the industry for a colocation provider, when requested to put an egress ACL facing us such as:
deny udp any a.b.c.d/24 eq 80
…to refuse and tell us we must subscribe to their managed DDOS product?
-cjp