On Tue, Nov 1, 2011 at 8:00 PM, Jimmy Hess wrote:
> On Tue, Nov 1, 2011 at 1:22 PM, Kevin Loch wrote:
>> We have always accommodated temporary ACL's for active DDOS attacks. I
>> think that is fairly standard across the ISP/hosting industry.
Indeed. We'll do it; ditto every reputable hosting,
On Tue, Nov 1, 2011 at 1:22 PM, Kevin Loch wrote:
> Christopher Pilkington wrote:
> We have always accommodated temporary ACL's for active DDOS attacks. I
> think that is fairly standard across the ISP/hosting industry.
And it's reasonable to accomodate the customer that asks, and
reasonable for
On 11/1/2011 1:22 PM, Kevin Loch wrote:
Christopher Pilkington wrote:
Is it common in the industry for a colocation provider, when requested
to put an egress ACL facing us such as:
deny udp any a.b.c.d/24 eq 80
…to refuse and tell us we must subscribe to their managed DDOS product?
We have
Christopher Pilkington wrote:
Is it common in the industry for a colocation provider, when requested to put
an egress ACL facing us such as:
deny udp any a.b.c.d/24 eq 80
…to refuse and tell us we must subscribe to their managed DDOS product?
We have always accommodated temporary ACL's for
> This is pretty common, but don't expect a filtering package without
> purchasing it.
>
> James
>
> - Original Message -
> From: "Christopher Pilkington"
> To: "NANOG mailing list"
> Sent: Tuesday, October 25, 2011 2:43:00 PM
>
7;t expect a filtering package without purchasing
it.
James
- Original Message -
From: "Christopher Pilkington"
To: "NANOG mailing list"
Sent: Tuesday, October 25, 2011 2:43:00 PM
Subject: Colocation providers and ACL requests
Is it common in the industry f
2011/10/26 Jay Ashworth
> - Original Message -
> > From: "Keegan Holley"
>
> > > - Original Message -
> > > > From: "Keegan Holley"
> > >
> > > > I'm assuming colo means hosting, and the OP misspoke. Most colo
> > > > providers
> > > > don't provide active network for colo (as i
- Original Message -
> From: "Keegan Holley"
> > - Original Message -
> > > From: "Keegan Holley"
> >
> > > I'm assuming colo means hosting, and the OP misspoke. Most colo
> > > providers
> > > don't provide active network for colo (as in power and rack only)
> > customers.
> >
>
2011/10/25 Jay Ashworth
> - Original Message -
> > From: "Keegan Holley"
>
> > I'm assuming colo means hosting, and the OP misspoke. Most colo providers
> > don't provide active network for colo (as in power and rack only)
> customers.
>
> Most?
>
> I'm sure there are exceptions to that
On Tue, Oct 25, 2011 at 9:21 PM, Keegan Holley
wrote:
> I'm assuming colo means hosting, and the OP misspoke. Most colo providers
> don't provide active network for colo (as in power and rack only) customers.
Yes, hosting. I did indeed misspeak.
- Original Message -
> From: "Keegan Holley"
> I'm assuming colo means hosting, and the OP misspoke. Most colo providers
> don't provide active network for colo (as in power and rack only) customers.
Most?
Cheers,
-- jra
--
Jay R. Ashworth Baylink
I'm assuming colo means hosting, and the OP misspoke. Most colo providers
don't provide active network for colo (as in power and rack only) customers.
2011/10/25 Paul Graydon
> On 10/25/2011 08:43 AM, Christopher Pilkington wrote:
>
>> Is it common in the industry for a colocation provider, whe
On 10/25/2011 08:43 AM, Christopher Pilkington wrote:
Is it common in the industry for a colocation provider, when requested to put
an egress ACL facing us such as:
deny udp any a.b.c.d/24 eq 80
…to refuse and tell us we must subscribe to their managed DDOS product?
-cjp
For colo? No, f
On Tue, Oct 25, 2011 at 2:43 PM, Christopher Pilkington wrote:
> Is it common in the industry for a colocation provider, when
> requested to put an egress ACL facing us such as:
>
> deny udp any a.b.c.d/24 eq 80
>
> …to refuse and tell us we must subscribe to their
> managed DDOS product?
Christ
2011/10/25 Brandon Galbraith
> On Tue, Oct 25, 2011 at 1:46 PM, Keegan Holley
> wrote:
>
>> Depends on the provider. Many just do not want to manage hundreds of
>> customer ACL's on access routers. Especially when it would compete with a
>> managed service (firewall, IDP, DDOS) of some sort.
Why not put the ACL on your ingress side at your switch or router?
I would typically not expect a colo provider to provide this service unless
I'm paying extra for it.
The smaller they are, the more likely they are to do so to keep you happy,
but I certainly wouldn't be asking this request unless
On Oct 25, 2011, at 2:50 PM, Brandon Galbraith wrote:
> On Tue, Oct 25, 2011 at 1:46 PM, Keegan Holley
> wrote:
>
>> Depends on the provider. Many just do not want to manage hundreds of
>>
> Conversely, some don't want to be paid for bare colocation (at bare
> colocation prices) and have to th
On Tue, Oct 25, 2011 at 1:46 PM, Keegan Holley wrote:
> Depends on the provider. Many just do not want to manage hundreds of
> customer ACL's on access routers. Especially when it would compete with a
> managed service (firewall, IDP, DDOS) of some sort. Some still are under
> the impression th
Depends on the provider. Many just do not want to manage hundreds of
customer ACL's on access routers. Especially when it would compete with a
managed service (firewall, IDP, DDOS) of some sort. Some still are under
the impression that ACL's are software based and their giant $100k+ edge box
wou
Is it common in the industry for a colocation provider, when requested to put
an egress ACL facing us such as:
deny udp any a.b.c.d/24 eq 80
…to refuse and tell us we must subscribe to their managed DDOS product?
-cjp
20 matches
Mail list logo