Tier1 blackholing policy?
dmiller at tiggee.com
Wed May 1 12:46:40 UTC 2013
On 05/01/2013 05:40 AM, Thomas Schmid wrote:
> Am 30.04.2013 18:00, schrieb joel jaeggli:
>> On 4/30/13 8:23 AM, Thomas Schmid wrote:
>>> On 30.04.2013 17:07, Chris Boyd wrote:
>>>> On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
>>>>> 1) Do nothing - They're supposed deliver any and all bits
>>>>> a DoS or similiar situation which impedes said network)
>>>>> 2) Prefix filter - Don't be a party (at least in one direction) to
>>>>> bad actors traffic.
>>>> 3 - Deliver all packets unless I've signed up for an enhanced security
>>> right - I see this really as something that should be decided at the
>>> of the internet (Tier2+) and not in the core.
>> You seem to have odd ideas about what it means to be a settlement
>> free provider. Most of their customers are not smaller internet
>> service providers.
> I know what it means to be a customer of
> $LargeGlobalISPthatsellsTransittootherISPs since
> 1995 and I have *never* seen one of these guys blackholing
> single IPs on their own (and I'm not talking about RTB, botnet
> controllers that threaten to kill
> the internet etc.). Now since a few weeks we get regular complaints
> about this. So something has changed.
> The sensitive approach would really be to make this an opt-in service
> for their customers
> and not a default service without opt-out option. In times of CGN and
> hundrets or thousands of
> websites behind one IP, blocking addresses is not the right answer to
> the phishing problem.
... or perhaps on an internet where many network owners block / police /
throttle packets by source or destination, implementing CGN or stacking
thousands of websites behind one IP address are poor solutions to the
My only issue is the lack of information provided when blocks go into
place. I would love to see networks provide information publicly that
shows what is being blocked along with a description of why. A history
that extends for a few days would be a bonus.
More information about the NANOG