traffic filtering

Stephen Griffin stephen.griffin at rcn.com
Thu Jan 24 17:04:04 UTC 2002


Thank you all for your responses public and private. About 4 respondents
stated they do filter (traffic) on /24 network/broadcast boundaries.

It appears that microsoft boxes may have some issues due to bugs in their
networking code. I'm going to attempt to address those with Microsoft.

In response to my queries, none of the respondents stated why rate-limitting
certain icmp message types would not be sufficient to all-out filtering.
The prevalent supporting argument was that old or buggy gear may have
trouble with addresses ending in ".0" or ".255", and that others filter.

Several folks mentioned sizable providers that do allocate addresses
with ".0" and ".255" (some were mentioned privately, so I'll omit those)
to include mediaone and aol.

How folks choose to filter is their own business, but I would respectfully
request that consideration be made into alternatives that address their
needs while encouraging vlsm, and connectivity for legitimate ip addresses.

Thank you all,
Stephen



More information about the NANOG mailing list