Actually, this can be achieved easily using reflexive ACLs on any Cisco
router, so no real need to change the topology or add new devices in the
path:
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml#reflexacl
Arie
On Sat, Nov 28, 2009 at 10:26 PM, Du
> Brielle is correct. The customer in question is spamming networks and we
> are having trouble filtering them because another provider allows them to
> source traffic however they please.
If they are spamming just pull the plug, whatever revenue you get from them
is not worth your reputation and
Yes - term the account would be my recommendation
And if you filter port 25 traffic do it both ways
Read these old nanog threads ..
http://www.irbs.net/internet/nanog/0408/0465.html and
http://www.mail-archive.com/na...@merit.edu/msg28863.html
On Sun, Nov 29, 2009 at 3:58 AM, William Herrin
wro
> Brielle is correct. The customer in question is spamming networks and
> we are having trouble filtering them because another provider allows
> them to source traffic however they please.
then perhaps the issue is a bit larger than their traffic incoming to
you. disconnect the schmucks.
randy
On Sat, Nov 28, 2009 at 2:14 PM, ML wrote:
> Brielle is correct. The customer in question is spamming networks and we
> are having trouble filtering them because another provider allows them to
> source traffic however they please.
What trouble? SMTP requires two-way traffic with a static port n
From: Duane Waddle
To: nanog@nanog.org
Subject: Re: Finding asymmetric path
Sent: Nov 28, 2009 1:26 PM
On Sat, Nov 28, 2009 at 1:41 PM, Brielle Bruns wrote:
> My partner Tammy says a PIX could probably accomplish the same task (we have
> some here for the corp lan stuff, including spares).
On Sat, Nov 28, 2009 at 1:41 PM, Brielle Bruns wrote:
> My partner Tammy says a PIX could probably accomplish the same task (we have
> some here for the corp lan stuff, including spares).
Yes, a PIX/ASA would stop this cold. The TCP state tracking would not
allow traffic to pass unless the who
lish the same task (we have
some here for the corp lan stuff, including spares).
Brielle
--
Brielle Bruns
http://www.sosdg.org / http://www.ahbl.org
-Original Message-
From: ML
Date: Sat, 28 Nov 2009 14:14:07
To: nanog@nanog.org
Subject: Re: Finding asymmetric path
Brielle Bruns
Brielle Bruns wrote:
On 11/27/09 8:43 PM, ML wrote:
I'm reasonable certain a customer of ours who is using one of our
netblocks is using a different reverse path to reach us. How might I
figure out who is allowing them to source traffic from IPs that belong
to us?
I've had two customers pul
>
> On Sat, Nov 28, 2009 at 09:41:09AM -0600, Joe Greco wrote:
> [attributions lost]
> > > >>> I'm reasonable certain a customer of ours who is using one of our
> > > >>> netblocks is using a different reverse path to reach us. How might I
> > > >>> figure out who is allowing them to source tra
On 11/27/09 8:43 PM, ML wrote:
I'm reasonable certain a customer of ours who is using one of our
netblocks is using a different reverse path to reach us. How might I
figure out who is allowing them to source traffic from IPs that belong
to us?
I've had two customers pull this stunt in the pa
On Sat, Nov 28, 2009 at 09:41:09AM -0600, Joe Greco wrote:
[attributions lost]
> > >>> I'm reasonable certain a customer of ours who is using one of our
> > >>> netblocks is using a different reverse path to reach us. How might I
> > >>> figure out who is allowing them to source traffic from IPs
On Fri, Nov 27, 2009 at 10:43 PM, ML wrote:
> I'm reasonable certain a customer of ours who is using one of our netblocks
> is using a different reverse path to reach us. How might I figure out who
> is allowing them to source traffic from IPs that belong to us?
Hi,
Are they complaining about s
> >>> I'm reasonable certain a customer of ours who is using one of our
> >>> netblocks is using a different reverse path to reach us. How might I
> >>> figure out who is allowing them to source traffic from IPs that belong
> >>> to us?
> >> you are implying that they are not allowed to multi-h
On Fri, Nov 27, 2009 at 11:23 PM, Randy Bush wrote:
> perhaps it is fear of what they, possibly mistakenly, perceive to be
> your policy regarding announcement of space that keeps them from
> announcing normally to both, or more, links?
or maybe just better pricing on the other provider, and tha
>>> I'm reasonable certain a customer of ours who is using one of our
>>> netblocks is using a different reverse path to reach us. How might I
>>> figure out who is allowing them to source traffic from IPs that belong
>>> to us?
>> you are implying that they are not allowed to multi-home using
> -Original Message-
> From: ML [mailto:m...@kenweb.org]
> Sent: Friday, November 27, 2009 10:44 PM
>
> I'm reasonable certain a customer of ours who is using one of our
> netblocks is using a different reverse path to reach us. How might I
> figure out who is allowing them to source traf
Randy Bush wrote:
I'm reasonable certain a customer of ours who is using one of our
netblocks is using a different reverse path to reach us. How might I
figure out who is allowing them to source traffic from IPs that belong
to us?
you are implying that they are not allowed to multi-home usin
> I'm reasonable certain a customer of ours who is using one of our
> netblocks is using a different reverse path to reach us. How might I
> figure out who is allowing them to source traffic from IPs that belong
> to us?
you are implying that they are not allowed to multi-home using the ip
spa
19 matches
Mail list logo
