Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How do you stop outgoing spam?

  • From: Rafi Sadowsky
  • Date: Mon Sep 09 20:36:24 2002

## On 2002-09-09 17:15 -0700 Eliot Lear typed:

EL>
EL> Paul Vixie wrote:
EL> > per-destination host AND port egress rate shaping.  if someone tries to send
EL> > more than 1Kbit/sec to all port 80's, or more than 1Kbit/sec to any single
EL> > IP address, then you can safely RED their overage.  this violates the whole
EL> > peer-to-peer model but there's no help for that in the short term.  if some
EL> > internet cafe has a CuCme camera setup then you can find a way to let that
EL> > traffic off-net without rate shaping.  this will be the exception.
EL>
EL> Please be aware that this could have unintended consequences, and should
EL> be used in very constrained ways.  In particular, there are any number
EL> of applications, including VPN applications that use port 80.  I would
EL> recommend that only specified destinations get such treatment, if you
EL> apply it at all.

Hi Eliot

 Maybe I'm missing something obvious but do how you get rate-limiting per
TCP *flow* with Cisco IOS ?

-- 
Regards,
	Rafi






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.