Colocation providers and ACL requests
Kevin Loch
kloch at kl.net
Tue Nov 1 18:22:31 UTC 2011
Christopher Pilkington wrote:
> Is it common in the industry for a colocation provider, when requested to put an egress ACL facing us such as:
>
> deny udp any a.b.c.d/24 eq 80
>
> …to refuse and tell us we must subscribe to their managed DDOS product?
We have always accommodated temporary ACL's for active DDOS attacks. I
think that is fairly standard across the ISP/hosting industry.
I do feel it is bad practice to regularly implement customer specific
ACL's on routers. If a customer wants a managed firewall we have a
full range of those services available.
- Kevin
More information about the NANOG
mailing list