Worm Bandwidth [was Re: Santa Fe city government computers knocked out by worm]

Stephen J. Wilcox steve at telecomplete.co.uk
Sat Nov 29 02:18:56 UTC 2003

On Fri, 28 Nov 2003, Daniel Senie wrote:

> At 06:24 PM 11/28/2003, Sean Donelan wrote:
> >On Sat, 29 Nov 2003, Petri Helenius wrote:
> > > If you are an access provider, specially in the consumer space, you can
> > > do many things to help the "Greater Internet" by keeping your own back
> > > yard in good shape.  In the transit business, you are expected to
> > > deliver the bits regardless of the content so there the only viable
> > > option is to drop packets where the source or  destination addresses
> > > don´t make sense.
> >
> >What is the difference between a transit provider and an access provider,
> >specially in the consumer space?  Why is a transit provider expected to
> >deliver the bits, but the access provider isn't?  Since the bulk of
> >Internet access is actually provided by wholesale providers (e.g.
> >AOL/Earthlink buy wholesale modem access from UUNET/Level3), who is
> >the access provider and who is the transit provider?
> And how do you handle the situation where a provider is both? UUNet, for 
> example, sells LOTS of T-1 lines to non-ISP businesses, and sells retail 
> dialup services to consumers. Sure they also sell wholesale bandwidth and 
> wholesale dialup services to ISPs, but it's not their whole business.
> The problem isn't "someone else's problem" for anyone. 

Clearly you can apply checks to parts of your network (stub bits) such as your 
dialup pool etc where can be sure about what src/dst addresses are fake, ie the 
access part of your business


More information about the NANOG mailing list