Lessons from the AU model

Mark Newton newton at internode.com.au
Tue Jan 22 11:09:26 UTC 2008



On 22/01/2008, at 7:30 PM, Mikael Abrahamsson wrote:

> I am also hesitant regarding billing when a person is being DDOS:ed.  
> How is that handled in .AU? I can see billing being done on outgoing  
> traffic from the customer because they can control that, but what  
> about incoming, the customer has only partial control over that.

It isn't hard.  For a start, there are only one or two providers where
customers ever get excess bills, so we aren't really talking about
"billing when a person is being DDOS'ed", we're talking about "rate- 
limiting
after a person has been DDOS'ed."

On the rare occasion when it happens, the ISPs who aren't bastards
are usually understanding enough to back out measurements which are
DDOS related.  Whether or not your ISP is a bastard is one of the
factors you'd use to determine which ISP is offering a package that
fits your needs in a competitive environment.

In my observation, customers who are repeatedly DDOS'ed are usually
doing something to provoke it.  I don't think I've ever seen an instance
where a DDOS'ed customer has had a repeat occurrance after that  
datapoint
is illuminated for them.

   - mark

--
Mark Newton                               Email:  newton at internode.com.au 
  (W)
Network Engineer                          Email:   
newton at atdot.dotat.org  (H)
Internode Systems Pty Ltd                 Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223








More information about the NANOG mailing list