Where are static bogon filters appropriate? was: Bogons

Mikael Abrahamsson swmike at swm.pp.se
Tue Mar 6 22:45:20 UTC 2007

On Tue, 6 Mar 2007, Valdis.Kletnieks at vt.edu wrote:

> On Tue, 06 Mar 2007 21:54:06 +0100, Mikael Abrahamsson said:
>> So instead I just drop their spoofed traffic and if they call and say that
>> their line is slow, I'll just say it's full and they can themselves track
>> down the offending machine and shut it off to solve the problem.
> This doesn't sound very scalable.  You're almost certainly overcommitted on
> the upstream side and likely looking at congestion if many customers are
> spewing.

If they're spewing spoofed traffic I'm dropping it, so that's not a 

> What do you tell the customer who calls and complains that *he* isn't a major
> traffic source, but he's seeing dropped packets and delays on your upstream
> link?  Do you tell him its full and they can track down which other customer
> is the offender?

Do you usually design networks that can't handle customers using what they 
have paid for? I don't. (for any reasonable amount of statistical 
oversubscripion of course)

Mikael Abrahamsson    email: swmike at swm.pp.se

More information about the NANOG mailing list