On 04/02/14 16:31, Livingood, Jason wrote:
Can somebody explain to me why those who run eyeball networks are able to block outbound packets when the customer hasn't paid their bill, but can't seem to block packets that shouldn't be coming from that cablemodem?
i suspect the non-payment case is solved at a layer below three
In a DOCSIS network the source address verification (as Tony said) is typically done on the CMTS IIRC. Turning a customer off for non-payment is done in an accounts management / billing system.
While I am sure continuing to agree with each other that spoofing is bad, we lack actionable data. ;-) As I said in another thread, I think someone / some group needs to invest to collect actual data and share the results openly.
So any volunteers out there? I¹m sure there are lots of ways to underwrite independent research on the subject (contact me off-list).
Maybe I'm oversimplifying things but I'm really curious to know why can't the nearest-to-end-user ACL-enabled router simply have an ACL to only allows packets from end-users that has a valid source-address from the network segment they provide service to. What I'm failing to understand, and again, please excuse me if I'm oversimplifying, is what data do you need from researchers, specifically. What specific actionable data would be helpful? Why does the lack of the data prevent you from applying an ACL.