Le 01/05/2013 14:46, David Miller a écrit : > On 05/01/2013 05:40 AM, Thomas Schmid wrote: >> Joel, >> >> Am 30.04.2013 18:00, schrieb joel jaeggli: >>> On 4/30/13 8:23 AM, Thomas Schmid wrote: >>>> On 30.04.2013 17:07, Chris Boyd wrote: >>>>> On Tue, 2013-04-30 at 10:59 -0400, ML wrote: >>>>>> 1) Do nothing - They're supposed deliver any and all bits >>>>>> (Disregarding >>>>>> a DoS or similiar situation which impedes said network) >>>>>> 2) Prefix filter - Don't be a party (at least in one direction) to >>>>>> the >>>>>> bad actors traffic. >>>>> 3 - Deliver all packets unless I've signed up for an enhanced security >>>>> offering? >>>>> >>>> right - I see this really as something that should be decided at the >>>> edge >>>> of the internet (Tier2+) and not in the core. >>> You seem to have odd ideas about what it means to be a settlement >>> free provider. Most of their customers are not smaller internet >>> service providers. >> I know what it means to be a customer of >> $LargeGlobalISPthatsellsTransittootherISPs since >> 1995 and I have *never* seen one of these guys blackholing >> single IPs on their own (and I'm not talking about RTB, botnet >> controllers that threaten to kill >> the internet etc.). Now since a few weeks we get regular complaints >> about this. So something has changed. >> >> The sensitive approach would really be to make this an opt-in service >> for their customers >> and not a default service without opt-out option. In times of CGN and >> hundrets or thousands of >> websites behind one IP, blocking addresses is not the right answer to >> the phishing problem. >> > ... or perhaps on an internet where many network owners block / police / > throttle packets by source or destination, implementing CGN or stacking > thousands of websites behind one IP address are poor solutions to the > connectivity problem. > > My only issue is the lack of information provided when blocks go into > place. I would love to see networks provide information publicly that > shows what is being blocked along with a description of why. A history > that extends for a few days would be a bonus.
I agree with that. While some blocking and policing may be judged "good thing" there is a well-known potential for "other kinds" of policing... Cheers, mh > > -DMM > >
