Rate limiting UDP,Multicast,ICMP
Ian Cooper
ian at the-coopers.org
Tue Nov 13 17:54:03 UTC 2001
If you're limiting inbound for them then you might affect their ability to
view some streaming media.
--On Tuesday, November 13, 2001 12:42 -0500 Thomas Gainer
<TGainer at e-xpedient.com> wrote:
>
> A little more information. We sell 100Mb Ethernet pipes to the Internet.
> (Yes, there are a few of us left). A fair number of these customers are
> small businesses. Usually, they have servers but very little IT support
> and even less IT know how. My thought is to rate limit UDP and ICMP at
> the customer port to no more than 3Mb/s so WHEN (not if) a customer is
> compromised, the effects are somewhat limited and my MAN pipes have some
> measure protection. The question is, what am I not thinking of? DNS,
> TFTP and such should all operate virtually unaffected, as they are not
> bandwidth hungry services.
>
> Thomas
More information about the NANOG
mailing list