nanog mailing list archives
Re: NSPs filter?
From: Richard A Steenbergen <ras () e-gerbil net>
Date: Mon, 5 Aug 2002 11:18:31 -0400
On Sun, Aug 04, 2002 at 09:15:26PM -0700, Stephen Stuart wrote:
IMO, Commercial ISPs should never filter customer packets unless specifically requested to do so by the customer, or in response to a security/abuse incident.Let's say the customer operates some big enterprise network, runs their infrastructure in RFC1918 space ("for security," hah), and spews a couple kilobits of DNS query from that RFC1918 space toward the root nameservers. Assume that either pride or ignorance will prevent the customer from ever asking you to filter what you know to be garbage traffic. Does your rule to "never filter customer packets" mean you're going to sit and watch those packets go by? If yes, why?
One would hope that, unless there is a complaint, you wouldn't be invading their private to look at their traffic in the first place. If a root server operator complained about it, I'd say thats reasonable grounds to filter it and contact the customer, the same as if they had a compromised box spewing out DoS. Filtering piddly stuff like this without consultation is usually unwelcome at best, and a disruption at worst. It is also a serious investment of time and acl resources which could be better spent somewhere else. And lastly, it sets a bad precedent for what ISPs "can" do to proactively filter. After all, if we "can" do this, why can't we also filter illegal MP3 exchanges too. -- Richard A Steenbergen <ras () e-gerbil net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
Current thread:
- Re: NSPs filter?, (continued)
- Re: NSPs filter? bmanning (Aug 04)
- Re: NSPs filter? Chris Woodfield (Aug 04)
- Re: NSPs filter? bmanning (Aug 04)
- Re: NSPs filter? Stephen Stuart (Aug 04)
- Re: NSPs filter? Chris Woodfield (Aug 05)
- Re: NSPs filter? John M. Brown (Aug 05)
- Re: NSPs filter? Måns Nilsson (Aug 14)
- Re: NSPs filter? Chris Woodfield (Aug 04)
- Re: NSPs filter? Jared Mauch (Aug 05)
- Re: NSPs filter? John M. Brown (Aug 05)
- Re: NSPs filter? Scott Granados (Aug 05)
- Re: NSPs filter? bmanning (Aug 04)
- Re: NSPs filter? Richard A Steenbergen (Aug 05)
- Re: NSPs filter? bdragon (Aug 05)
- Re: NSPs filter? Richard A Steenbergen (Aug 05)
- Re: NSPs filter? John M. Brown (Aug 05)
- RE: NSPs filter? Barry Raveendran Greene (Aug 05)
- Re: NSPs filter? Richard A Steenbergen (Aug 05)
- Re: NSPs filter? Jared Mauch (Aug 05)
- Re: routing table size k claffy (Aug 07)
- Re: routing table size David G. Andersen (Aug 07)
- Message not available
- Re: routing table size David G. Andersen (Aug 08)
- RE: NSPs filter? Hank Nussbacher (Aug 05)