Lessons from the AU model

Ben Butler ben.butler at c2internet.net
Tue Jan 22 10:26:01 UTC 2008


Hi,

Regarding Dos filtering, I guess that really depends on whether we are
talking about completing the attack and filtering in upstream transits,
or, filtering source / traffic classification within the AS keeping the
destination alive throughout the attack and utilising WAN/Transit
bandwidth in the process.

For me personally, if the first scenario is picked up under the horizon
of the 95% bill then its a non issue.  If the customer wants to ride it
out themselves with no filtering from us, then it is going to appear on
their port and hence burst bill for the month.  And if the customer
wants us to upstream source/classify filter traffic to give them a
sanitized feed while we still incur the traffic - well they either pay
or get turned off.

Personally I don't want a Blue Solutions and if the customer were to
think I am going to filter 24gbps of DoS delivering them a few megs of
cleaned up traffic and that is all they pay for.... Well, they will be
getting a P45.

Dos filtering is expensive and value add and people need to pay fair
price for things in this world, life is not free / cheap.  A lack of
imagination or focused usage from the IPTv / download brigade - does not
mean something has lower value just that their business model is flawed
and they cant afford the tools for the job + then keep all the
advertising revenue to themselves.   Why should access providers be
giving away Ferraris for less than the manufacture cost of Maxi's (a
really naff old UK car - http://en.wikipedia.org/wiki/Austin_Maxi)

There is a UK ISP offering a LLU DSL service (line rental + internet +
telephone service) for less than the monthly cost of the copper line
rental from BT - to try and build market share to "pay" for that
expensive DSLAM rollout by "buying" market share - I do at times wish
the FDs / marketing / sales people at some of these companies would go
and sit some basic business studies / accountant / economics classes.

My 2c.

Ben

-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
Alastair Johnson
Sent: 22 January 2008 09:55
To: nanog at merit.edu
Subject: Re: Lessons from the AU model


Mikael Abrahamsson wrote:
> Some claim that metering is 50% of cost in the telco industry, and I 
> have no reason to doubt that. Staying out of metering saves money on 
> all levels, less complex equipment, less supportcalls, less hassle 
> with billing.

I have to agree with this, although the figure is trending downwards. 
Certainly one situation I have seen with ~$200mm in broadband metering
revenue was spending $80m-ish a year on the various platforms that
managed metering/rating/billing and the ops cost that went with it.

The flipside is that I can see products (BRAS/BNG and their associated
control plane solutions) being developed, launched, and marketed right
now that make this much easier to manage.  If the telephants adopt this,
then it will reduce their billing cost substantially - although it
adjusts (disrupts?) their traditional messy OSS/BSS.

> I am also hesitant regarding billing when a person is being DDOS:ed. 
> How is that handled in .AU? I can see billing being done on outgoing 
> traffic from the customer because they can control that, but what 
> about incoming, the customer has only partial control over that.

In my experience (NZ & AU) inbound DDoS attacks are usually waived by
the service provider.  This may not apply with all ISPs, but when I
drove an ISP we did try and protect customers from that form of
bill-shock.

aj.



More information about the NANOG mailing list