nanog mailing list archives

Re: Tier1 blackholing policy?

From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Wed, 1 May 2013 10:09:21 +0000


On May 1, 2013, at 4:40 PM, Thomas Schmid wrote:

Now since a few weeks we get regular complaints about this. So something has changed.


Yes, things have changed.  There are reasons that some of the transit ISPs are performing this blocking.  They aren't 
doing it for kicks.

For example, there are non-insignificant numbers of servers/accounts which have been compromised and used to launch 
large-scale, high-impact DDoS attacks.  The negative impact of allowing these servers to emit attack traffic far 
outweighs the inconvenience experienced by a few end-customers trying to access these servers (which are compromised, 
anyways, and therefore it isn't a good idea to try and access them in the first place).

Suggest you ask the transit ISPs in question directly.  You aren't likely to get an authoritative answer on a public 
email list.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton

Current thread:

Re: Tier1 blackholing policy? Thomas Schmid (May 01)
- Re: Tier1 blackholing policy? Dobbins, Roland (May 01)
- Re: Tier1 blackholing policy? David Miller (May 01)
  - Re: Tier1 blackholing policy? Michael Hallgren (May 01)
- <Possible follow-ups>
- Re: Tier1 blackholing policy? Rich Kulawiec (May 01)
  - Re: Tier1 blackholing policy? Jared Mauch (May 01)