Tier1 blackholing policy?

Dobbins, Roland rdobbins at arbor.net
Wed May 1 10:09:21 UTC 2013


On May 1, 2013, at 4:40 PM, Thomas Schmid wrote:

> Now since a few weeks we get regular complaints about this. So something has changed.

Yes, things have changed.  There are reasons that some of the transit ISPs are performing this blocking.  They aren't doing it for kicks.

For example, there are non-insignificant numbers of servers/accounts which have been compromised and used to launch large-scale, high-impact DDoS attacks.  The negative impact of allowing these servers to emit attack traffic far outweighs the inconvenience experienced by a few end-customers trying to access these servers (which are compromised, anyways, and therefore it isn't a good idea to try and access them in the first place).

Suggest you ask the transit ISPs in question directly.  You aren't likely to get an authoritative answer on a public email list.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton





More information about the NANOG mailing list