Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: traffic filtering

  • From: Jim Segrave
  • Date: Tue Jan 22 06:04:05 2002
  • Organisation: Demon Internet Netherlands

On Mon 21 Jan 2002 (18:46 -0500), Stephen Griffin wrote:
> 
> In the referenced message, Stephen Griffin said:
> > 
> > Hello,
> > 
> > I'm curious about how many networks completely filter all traffic to
> > any ip address ending in either ".0" or ".255".
> 
> Just to clarify, since a lot of the messages I'm receiving seem to indicate
> I was unclear. I'm not trying to determine how I should filter. I'm
> trying to determine how many other networks filter in such a manner that
> traffic to/from legitimate hosts is blocked.
> 
> One solution, rather than completely filter particular ip addresses, is
> to simply rate-limit either/both icmp echo request/icmp echo response
> message types. This should allow these other networks the ability to
> mitigate smurfs, while still allowing traffic from legitimate ip addresses.

We had to move some ADSL /32's off the .0 address because some idiots
out there were filtering on /24 boundaries. Demon never allocates
dialup /32's on .0 or .255, because there are misconfigured setups out
there.
 

-- 
Jim Segrave           jes@nl.demon.net




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.