On Sun, Nov 13, 2016 at 5:19 PM, Marco d'Itri <m...@linux.it> wrote:
> On Nov 13, Marco Marzetti <ma...@lamehost.it> wrote:
>
>> Carriers cannot do that as they cannot drop ALL the traffic from a
>> certain source if the request is not coming from the owner.
> They may want to do this for policy reasons, usually because malicious
> traffic is being sourced and the customer is not responsive: I do this
> routinely.
>

Dropping "malicious" traffic for policy is actually a great thing.
If you do that: THANKS.

But who defines if that's malicious or not?
And what would be more harmful for the business? To drop or to forward?
I mean: carriers' business is to transit traffic through their
network, as long as they're paid for that traffic and that is not
harming their peering relationships, why would they drop it?

For a greater good?
In that case: again THANKS!

>> Contents are usually targets, not sources and it's easier/cheaper for
>> them to halt the VM or shut the port on the switch than signaling null
>> route via BGP.
> That host may be on a customer infrastructure which we do not control,
> so it cannot be shut down without impact on other services.
> Also, it is usually better for customer experience and to allow some
> early forensic analysis to drop connectivity to a compromised host than
> to just shut it down.

The very same answer as above applies here.

-- 
Marco

_______________________________________________
GROW mailing list
GROW@ietf.org
https://www.ietf.org/mailman/listinfo/grow
