Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
Mikael Abrahamsson
swmike at swm.pp.se
Tue Mar 6 22:45:20 UTC 2007
On Tue, 6 Mar 2007, Valdis.Kletnieks at vt.edu wrote:
> On Tue, 06 Mar 2007 21:54:06 +0100, Mikael Abrahamsson said:
>> So instead I just drop their spoofed traffic and if they call and say that
>> their line is slow, I'll just say it's full and they can themselves track
>> down the offending machine and shut it off to solve the problem.
>
> This doesn't sound very scalable. You're almost certainly overcommitted on
> the upstream side and likely looking at congestion if many customers are
> spewing.
If they're spewing spoofed traffic I'm dropping it, so that's not a
problem.
> What do you tell the customer who calls and complains that *he* isn't a major
> traffic source, but he's seeing dropped packets and delays on your upstream
> link? Do you tell him its full and they can track down which other customer
> is the offender?
Do you usually design networks that can't handle customers using what they
have paid for? I don't. (for any reasonable amount of statistical
oversubscripion of course)
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the NANOG
mailing list