Access Lists

• Previous message (by thread): Access Lists
• Next message (by thread): Hope it's operational enough....
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 26 Mar 1998 17:33:10 -0500, "Martin, Christian"
<CMartin at mercury.balink.com> wrote:

[...]

> I am very willing to help my
>customers, but there is a tradeoff in terms of what it costs me.  If it
>is a good customer, or more importantly, a big one, then I will write a
>200 line access list, no problem!  But say I implement this type of
>service for a few customers, and word spreads that we are doing it, then
>everyone wants that type of service.  

Well, no one said it has to be free.  Cost has a way of weeding out those who
are serious about things, and of course it also helps subsidize the resource
impacts or even make them profitable.

>I suppose my biggest question was this.  Has anyone got themselves into
>a hole by providing ICMP filtering on their routers to protect
>downstream customers, be it in terms of manageability, processor
>overhead, packet discarding.  Also, where is the best place to do this,
>ingress, egress, or a combination?  Do buffers need to be increased?
>What about queueing strategy?  How does NetFlow affect access-list
>processing?

As you said, these are the interesting questions.

-john

• Previous message (by thread): Access Lists
• Next message (by thread): Hope it's operational enough....
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]