Lately, we have been running into this problem more and more. One of our upstreams AT&T buys transit from Teleglobe. Teleglobe it seems subscribes to the maps.vix.com realtime blackhole list via BGP. Now, I am all for limiting SPAM and such, but its starting to be an operational headache having to deal with customers asking our support staff why they cannot get to a certain web site. The one that hit our support lines the most was 24.0.0.200 which was members.home.com. It can be a challenge explaining the simplest of issues to end users, let alone upstream transit providers using bgp to blackhole a host. The customer just wants to get to the granny's knitting guild! At least with SMTP blocking, one end gets a message stating "their mail is unwelcome, see .... for details", where as when an intermediary is dropping all data, the end user just gets a vague error. My questions is, if you were buying transit from an upstream, and that upstream decided to partake in some sort of content filtering, how would you feel ? Do you think its right for transit providers to do so ? Its one thing if I choose to use this facility, but I feel a little helpless if two ASs away from me uses it... i.e. upstream says, "this way to 24.0.0.0/12", but then drops data going to 24.0.0.200/32. I dont want to have to fill me router with a bunch of /32s so I can exit out UUnet to get around this. Yes, sure I want a proactive upstream to stop network abuse... particularly abuse issues, where I need their cooperation such as smurf attacks and such. But on issues, where I have all the necessary tools and choice to deal with said issue (in this case SPAM), I would prefer it be left up to me on how I deal with foreign SPAM sites. ---Mike ********************************************************************** Mike Tancsa, Network Admin * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 01.519.651.3400 Canada *
On Tue, 9 Nov 1999, Mike Tancsa wrote:
Lately, we have been running into this problem more and more. One of our upstreams AT&T buys transit from Teleglobe. Teleglobe it seems subscribes to the maps.vix.com realtime blackhole list via BGP. Now, I am all for limiting SPAM and such, but its starting to be an operational headache having to deal with customers asking our support staff why they cannot get to a certain web site. The one that hit our support lines the most was 24.0.0.200 which was members.home.com. It can be a challenge explaining the simplest of issues to end users, let alone upstream transit providers using bgp to blackhole a host. The customer just wants to get to the granny's knitting guild! At least with SMTP blocking, one end gets a message stating "their mail is unwelcome, see .... for details", where as when an intermediary is dropping all data, the end user just gets a vague error.
My questions is, if you were buying transit from an upstream, and that upstream decided to partake in some sort of content filtering, how would you feel ? Do you think its right for transit providers to do so ? Its one thing if I choose to use this facility, but I feel a little helpless if two ASs away from me uses it... i.e. upstream says, "this way to 24.0.0.0/12", but then drops data going to 24.0.0.200/32. I dont want to have to fill me router with a bunch of /32s so I can exit out UUnet to get around this.
Yes, sure I want a proactive upstream to stop network abuse... particularly abuse issues, where I need their cooperation such as smurf attacks and such. But on issues, where I have all the necessary tools and choice to deal with said issue (in this case SPAM), I would prefer it be left up to me on how I deal with foreign SPAM sites.
Well it is hard issue, shortly after I started NetRail I subscribed to the BGP blackhole feed. Most of my dedicated customer were happy or did not mind, I had one or two that did not like it. I offered them credit and said they could find a new backbone provider. SPAM is something I try as hard as I can to get rid of, without things like the blackhole feed it takes off. Nets that are blocked by the feed can be removed if they following the removal instructions (basically fix their systems and get rid of the spam). If you have a customer that is not happy that they can't reach a server on the @Home network, tell them the issues and have them call @Home. P.S. @Home, when are you going to get some connectivity to UUNet? Having my packets travel across the US to CIX is a pain in the butt.
<> Nathan Stratton Tricetel Consulting http://www.tricetel.net nathan@tricetel.net http://www.robotics.net nathan@robotics.net
---Mike ********************************************************************** Mike Tancsa, Network Admin * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 01.519.651.3400 Canada *
participants (2)
-
Mike Tancsa
-
Nathan Stratton