Joel, Am 30.04.2013 18:00, schrieb joel jaeggli:
On 4/30/13 8:23 AM, Thomas Schmid wrote:You seem to have odd ideas about what it means to be a settlement free provider. Most of their customers are not smaller internet service providers.On 30.04.2013 17:07, Chris Boyd wrote:On Tue, 2013-04-30 at 10:59 -0400, ML wrote:1) Do nothing - They're supposed deliver any and all bits (Disregarding a DoS or similiar situation which impedes said network) 2) Prefix filter - Don't be a party (at least in one direction) to the bad actors traffic.3 - Deliver all packets unless I've signed up for an enhanced security offering?right - I see this really as something that should be decided at the edgeof the internet (Tier2+) and not in the core.
I know what it means to be a customer of $LargeGlobalISPthatsellsTransittootherISPs since
1995 and I have *never* seen one of these guys blackholingsingle IPs on their own (and I'm not talking about RTB, botnet controllers that threaten to kill the internet etc.). Now since a few weeks we get regular complaints about this. So something has changed.
The sensitive approach would really be to make this an opt-in service for their customers and not a default service without opt-out option. In times of CGN and hundrets or thousands of websites behind one IP, blocking addresses is not the right answer to the phishing problem.
Thomas
smime.p7s
Description: S/MIME Kryptografische Unterschrift
