ISP port blocking practice

Antonio Querubin tony at lava.net
Thu Oct 22 17:32:42 UTC 2009


On Thu, 22 Oct 2009, Zhiyun Qian wrote:

> the common practice for you and your ISP)? More specifically, when ISPs try 
> to block a certain outgoing port (port 25 for instance), they could do two 
> rules:
> 1). For any outgoing traffic, if the destination port is 25, then drop the 
> packets.
> 2). For any incoming traffic, if the source port is 25, then drop the 
> packets.
>
> Note that either of the rules would be able to block outgoing port 25 traffic 
> since each rule essentially represents one direction in a TCP flow. Of course, 
> they could apply both rules. However, based on our measurement study, it 
> looks like most of the ISPs are only using rule 1). Is there any particular 
> reason why rule 1) instead of rule 2)? Or maybe both?

Because rule 1 prevents the target server from having to respond to the 
initial connection request in the first place, thereby reducing load on the 
server and reducing network traffic.  I.e., both rules prevent the 
connection but 1 stops it earlier.

Antonio Querubin
808-545-5282 x3003
e-mail/xmpp:  tony at lava.net
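
The difference between the two rules discussed in this thread, as an added example that is not part of the original messages: a simplified model of a customer's TCP handshake to a remote port 25 through an ISP edge filter. The packet counts, retry values and the names rule1, rule2 and simulate are assumptions made for the illustration.

```python
from collections import namedtuple

# Constructed model: "out" = customer -> Internet, "in" = Internet -> customer.
Packet = namedtuple("Packet", "direction sport dport flags")

def rule1(p):
    """Rule 1 from the thread: drop outgoing traffic with destination port 25."""
    return p.direction == "out" and p.dport == 25

def rule2(p):
    """Rule 2 from the thread: drop incoming traffic with source port 25."""
    return p.direction == "in" and p.sport == 25

def passes(pkt, rules):
    """True if no drop rule at the ISP edge matches the packet."""
    return not any(rule(pkt) for rule in rules)

def simulate(rules, syn_attempts=3, synack_retries=2, client_port=40000):
    """Count what the remote mail server receives, sends and holds in state.

    Assumed behaviour: the client retransmits its SYN syn_attempts times, the
    server answers every SYN it sees, and an unanswered half-open entry costs
    synack_retries further SYN-ACK retransmissions before it expires.
    """
    s = {"established": False, "server_rx": 0, "server_tx": 0, "half_open": 0}
    for _ in range(syn_attempts):
        if not passes(Packet("out", client_port, 25, "SYN"), rules):
            continue                  # dropped at the edge: server sees nothing
        s["server_rx"] += 1
        s["half_open"] = 1            # server now tracks a half-open connection
        s["server_tx"] += 1           # ...and answers with a SYN-ACK
        if not passes(Packet("in", 25, client_port, "SYN-ACK"), rules):
            continue                  # reply dropped: client retries its SYN
        if passes(Packet("out", client_port, 25, "ACK"), rules):
            s["server_rx"] += 1
            s["established"] = True
            s["half_open"] = 0
            return s
    if s["half_open"]:
        s["server_tx"] += synack_retries   # timer-driven SYN-ACK retransmits
    return s

if __name__ == "__main__":
    for name, rules in [("none", []), ("rule 1", [rule1]),
                        ("rule 2", [rule2]), ("both", [rule1, rule2])]:
        print(f"{name:7} {simulate(rules)}")
```

Both rules leave the connection unestablished, but only under rule 2 alone does the remote server receive packets, send replies and hold half-open state.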
