nanog mailing list archives
Re: Egress filters dropping traffic
From: Saku Ytti <saku () ytti fi>
Date: Mon, 1 Jul 2013 10:24:40 +0300
On (2013-06-30 22:04 +0530), Glen Kent wrote:
Under what scenarios do providers install egress ACLs which could say for eg. 1. Allow all IP traffic out on an interface foo if its coming from source IP x.x.x.x/y 2. Drop all other IP traffic out on this interface.
Question seems to be 'when do you need to drop packets', I'm sure 10 different people would give 10 different use-cases. One use-case for this particular ACL is that the interface is used for MGMT only, so you allow NMS network and drop everything else. -- ++ytti
Current thread:
- Re: Egress filters dropping traffic Saku Ytti (Jul 01)