ISP port blocking practice
Antonio Querubin
tony at lava.net
Thu Oct 22 17:32:42 UTC 2009
On Thu, 22 Oct 2009, Zhiyun Qian wrote:
> the common practice for you and your ISP)? More specifically, when ISPs try
> to block certain outgoing port (port 25 for instance), they could do two
> rules:
> 1). For any outgoing traffic, if the destination port is 25, then drop the
> packets.
> 2). For any incoming traffic, if the source port is 25, then drop the
> packets.
>
> Note that either of the rule would be able to block outgoing port 25 traffic
> since each rule essentially represent one direction in a TCP flow. Of course,
> they could apply both rules. However, based on our measurement study, it
> looks like most of the ISPs are only using rule 1). Is there any particular
> reason why rule 1) instead of rule 2)? Or maybe both?
Because rule 1 prevents the target server from having to respond to the
initial connection request in the first place thereby reducing load on the
server and reducing network traffic. Ie. both rules prevent the
connection but 1 stops it earlier.
Antonio Querubin
808-545-5282 x3003
e-mail/xmpp: tony at lava.net
More information about the NANOG
mailing list