Thank you, Comcast.
SNaslund at medline.com
Fri Feb 26 17:19:25 UTC 2016
I don't have a problem with an ISP blocking certain things by default as long as they identify them like Comcast has done especially for consumer service. It would be nice if there was a way to opt out of the protection for the few people that need those services either through a web interface or a phone call. They might make the case though that certain services require a business class of service.
Back in the 90s we used to block port 25 traffic for all customers unless they needed it opened because there were so many insecure mail systems out there. Sometimes you have to protect the clueless majority at the expense of a slight inconvenience for the geeks. So if you were smart enough to know that you need port 25 opened, we would do it. Most people did not know that it should be blocked most of the time so we protected them.
>I agree with this...from a customer perspective. I've seen ISPs block other traffic as well...even on "business" accounts, and break their customers networks.
>It's the Internet not a private network...
>I've never been a typical user though...maybe one of the "dozen" Mike refers to that runs a email server, web server, dns server, etc, etc, etc out of their house.
>> On Feb 26, 2016, at 9:31 AM, Keith Medcalf <kmedcalf at dessus.com> wrote:
>> ISP's should block nothing, to or from the customer, unless they make it clear *before* selling the service (and include it in the Terms and Conditions of Service >>Contract), that they are not selling an Internet connection but are selling a partially functional Internet connection (or a limited Internet Service), and specifying >>exactly what the built-in deficiencies are.
>> Deficiencies may include:
>> port/protocol blockage toward the customer (destination blocks)
>> port/protocol blockage toward the internet (source blocks) DNS
>> diddling (filtering of responses, NXDOMAIN redirection/wildcards, etc)
>> Traffic Shaping/Policing/Congestion policies, inbound and outbound
> Some ISPs are good at this and provide opt-in/out methods for at least the first three on the list. Others not so much.
More information about the NANOG