BCP for ISP to block worms at PEs and NAS

Randy Bush randy at psg.com
Sun Apr 17 16:01:55 UTC 2005


> On my Cisco-based SP network with RPMs in MGX chassis acting as PEs:
> I have the ACL below applied on many network devices to block the
> common worms ports,

if you are a service provider, perhaps filtering in the core will
not be appreciated by some customers.  of course, as a provider,
you can choose what 'service' you are providing.  but, if you
filter ports, it is not clear you are providing internet service.

randy




More information about the NANOG mailing list