North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: traffic filtering

  • From: Stephen Griffin
  • Date: Mon Jan 21 18:49:55 2002

In the referenced message, Stephen Griffin said:
> 
> Hello,
> 
> I'm curious about how many networks completely filter all traffic to
> any ip address ending in either ".0" or ".255".

Just to clarify, since a lot of the messages I'm receiving seem to indicate
I was unclear. I'm not trying to determine how I should filter. I'm
trying to determine how many other networks filter in such a manner that
traffic to/from legitimate hosts is blocked.

One solution, rather than completely filter particular ip addresses, is
to simply rate-limit either/both icmp echo request/icmp echo response
message types. This should allow these other networks the ability to
mitigate smurfs, while still allowing traffic from legitimate ip addresses.