On 26 Feb 2016, at 20:17, Nick Hilliard wrote:
If you block packets with udp src port=53 towards customers, you will also block legitimate return traffic if the customers run their own DNS servers or use opendns / google dns / etc.
Actually, what they're talking about is blocking packets *destined* for UDP/53 on broadband access networks, not *sourced from*.
----------------------------------- Roland Dobbins <rdobb...@arbor.net>
