ACLs / Filter Lists - Best Practices

John McBrayne mcbrayne at
Tue Nov 27 23:37:18 UTC 2001

Is anyone aware of any current "best practices" related to the
recommended set of filtering rules (Cisco ACL lists or Juniper filter
sets) for reasons of Security, statistics collection, DoS attack
analysis/prevention, etc.?  I'm curious to see if there are any such
recommendations for Tier 1/Tier 2 backbone routers, peering points,
etc., as opposed to CPE terminations or Enterprise/LAN equipment

Actual config file examples would be great, if they exist.


More information about the NANOG mailing list