This seems to come up about once a year. The Thought Police get pressure from the politicians to 'do something', and they cull some of the more extreme examples from the net and circulate a list to ISPs, with threats of prison etc. if nothing is done.
It is actually easy to set up and maintain. Resolve the IPs, set up a blackhole to null0 in a core router and distribute a BGP host route to the blackhole throughout the network. No problem to set up and maintain - just check if the offending sites are still active once a week or so. Because it is configured in one place only there isn't much danger of the filters getting forgotten. Of course this is a bit unethical, because one is advertising a route downstream to an address that one is blackholing. I'll leave that one for discussion by the Swinog ethics committee ;-) The problem comes when you block a few thousand other sites using the same IP. The press get hold of it and write stories about incompetent Thought Police, and you are quietly asked to remove the filters. Wait a year. go back to the beginning. The Thought Police have short memories... It doesn't seem to be a growing problem. Just noise we have to deal with once in a while. Like imploding ISPs. Phil At 02:33 PM 7/23/02 +0200, you wrote: >Hello all, > >please stop any filtering in the IP backbones! It wreks havroc the >whole thing. If you do any filtering, then do it on the access network >gateways to the backbone! > >I'm getting really pissed that more and more upstreams are filtering >their entire backbones without telling anyone (not even their ISP >customers) and without updating the filters all the time!!! :-( > >Who are the bad guys? I know that Sunrise, IP-Plus and COLT are >filtering. Anyone else? > >Look at this. I wanted to access the site of an DivX alternative and >got this: > ># ping www.3ivx.com >PING 3ivx.com (207.228.238.29): 56 data bytes >36 bytes from filter-for-online-gambling-sites-and-RFC1918-addr.zrh1.ch. >colt.net (212.23.224.56): Destination Host Unreachable >Vr HL TOS Len ID Flg off TTL Pro cks Src Dst > 4 5 00 5400 487b 0 0000 3e 01 adb9 212.23.244.90 207.228.238.29 > > >-- >Andre >---------------------------------------------- >[EMAIL PROTECTED] Maillist-Archive: >http://www.mail-archive.com/swinog%40swinog.ch/ ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
