North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Access Lists

  • From: John Navitsky
  • Date: Fri Mar 27 09:12:19 1998

On Thu, 26 Mar 1998 17:33:10 -0500, "Martin, Christian"
<[email protected]> wrote:


> I am very willing to help my
>customers, but there is a tradeoff in terms of what it costs me.  If it
>is a good customer, or more importantly, a big one, then I will write a
>200 line access list, no problem!  But say I implement this type of
>service for a few customers, and word spreads that we are doing it, then
>everyone wants that type of service.  

Well, no one said it has to be free.  Cost has a way of weeding out those who
are serious about things, and of course it also helps subsidize the resource
impacts or even make them profitable.

>I suppose my biggest question was this.  Has anyone got themselves into
>a hole by providing ICMP filtering on their routers to protect
>downstream customers, be it in terms of manageability, processor
>overhead, packet discarding.  Also, where is the best place to do this,
>ingress, egress, or a combination?  Do buffers need to be increased?
>What about queueing strategy?  How does NetFlow affect access-list

As you said, these are the interesting questions.