Rate limiting UDP,Multicast,ICMP

Ian Cooper ian at the-coopers.org
Tue Nov 13 17:54:03 UTC 2001

If you're limiting inbound for them then you might affect their ability to 
view some streaming media.

--On Tuesday, November 13, 2001 12:42 -0500 Thomas Gainer 
<TGainer at e-xpedient.com> wrote:

> A little more information.  We sell 100Mb Ethernet pipes to the Internet.
> (Yes, there are a few of us left).  A fair number of these customers are
> small businesses.  Usually, they have servers but very little IT support
> and even less IT know how.  My thought is to rate limit UDP and ICMP at
> the customer port to no more than 3Mb/s so WHEN (not if) a customer is
> compromised, the effects are somewhat limited and my MAN pipes have some
> measure protection.  The question is, what am I not thinking of?  DNS,
> TFTP and such should all operate virtually unaffected, as they are not
> bandwidth hungry services.
> Thomas

More information about the NANOG mailing list