Thank you, Comcast.
rdobbins at arbor.net
Fri Feb 26 16:27:12 UTC 2016
On 26 Feb 2016, at 23:02, Damian Menscher via NANOG wrote:
> What I'd much rather see Comcast do is use their netflow to trace the
> source of the spoofed packets (one of their peers or transit
> providers, no
> doubt) and strongly encourage (using their legal or PR team as needed)
> to trace back and stop the spoofing.
These approaches aren't necessarily mutually exclusive, as most flow
telemetry implementations still report on blocked traffic from exporting
Keeping the network up and available for the vast majority of the
customer base trumps all other considerations. DNS queries should not
typically be directed towards consumer broadband access netblocks,
period; and when they cause operational problems due to abusable CPE
being, well, abused, immediate remediation action(s) must be taken.
To do otherwise would be irresponsible.
Roland Dobbins <rdobbins at arbor.net>
More information about the NANOG