CCO/cisco.com issues.
Marc Binderberger
marc at sniff.de
Tue Oct 7 22:53:59 UTC 2003
Charles,
> Let's add a very important line:
>
> "Then They Came for the OC-3 or smaller connections
> and I did not speak out
> because I run fat OC-12 - OC-48 pipes"
which doesn't help you much today.
I've seen attacks of around a Gbit/s bandwidth. So a OC-48 is already
in danger. The OC-12 is useless. And _of course_ the top providers have
OC-192 "everywhere" ... .
> It's my guess that the "top providers" that ignore cries for help
> because
> they can sink the traffic (and bill for it)
and get complains from customers because the Internet access doesn't
work as promised. Ignoring this in a competitive market is no option. A
least not for a longer time.
What is underestimated is the difficulty to detect an attack and the
details of it. Fortunately tools like Arbor or Riverhead exist
meanwhile but even then it's often reactive for smaller customers. From
my impression "top providers" spent the money for such tools although
there is no direct/obvious revenue impact (read: gain). I would name
this a responsible behavior for commercial companies.
> I hope we don't have to wait until that
> time comes around to figure out how to cooperate.
There is cooperation. Maybe not that much on list like NANOG but Hank
mentioned already a non-public list which succeeded in building the
trust to cooperate with other providers. Without the risk to see your
issues on news.com the next day.
Just because it doesn't appear on NANOG doesn't mean nobody takes care
:-)
Regards, Marc
--
Marc Binderberger <marc at sniff.de> Powered by *BSD ;-)
More information about the NANOG
mailing list