North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Access Lists
On Thu, 26 Mar 1998 17:33:10 -0500, "Martin, Christian" <[email protected]> wrote: [...] > I am very willing to help my >customers, but there is a tradeoff in terms of what it costs me. If it >is a good customer, or more importantly, a big one, then I will write a >200 line access list, no problem! But say I implement this type of >service for a few customers, and word spreads that we are doing it, then >everyone wants that type of service. Well, no one said it has to be free. Cost has a way of weeding out those who are serious about things, and of course it also helps subsidize the resource impacts or even make them profitable. >I suppose my biggest question was this. Has anyone got themselves into >a hole by providing ICMP filtering on their routers to protect >downstream customers, be it in terms of manageability, processor >overhead, packet discarding. Also, where is the best place to do this, >ingress, egress, or a combination? Do buffers need to be increased? >What about queueing strategy? How does NetFlow affect access-list >processing? As you said, these are the interesting questions. -john
|