[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Thank you, Comcast.

On 26 Feb 2016, at 23:02, Damian Menscher via NANOG wrote:

> What I'd much rather see Comcast do is use their netflow to trace the
> source of the spoofed packets (one of their peers or transit 
> providers, no
> doubt) and strongly encourage (using their legal or PR team as needed) 
> them
> to trace back and stop the spoofing.

These approaches aren't necessarily mutually exclusive, as most flow 
telemetry implementations still report on blocked traffic from exporting 

Keeping the network up and available for the vast majority of the 
customer base trumps all other considerations.  DNS queries should not 
typically be directed towards consumer broadband access netblocks, 
period; and when they cause operational problems due to abusable CPE 
being, well, abused, immediate remediation action(s) must be taken.

To do otherwise would be irresponsible.

Roland Dobbins <rdobbins at arbor.net>