[c-nsp] rate limit dns

Gert Doering gert at greenie.muc.de
Fri Dec 27 04:50:53 EST 2013


Hi,

On Fri, Dec 27, 2013 at 08:24:55AM +0000, Dobbins, Roland wrote:
> Why are you allowing DNS responses from outside your network to
> your subscribers at all, excepting Google DNS, OpenDNS, and anything
> specifically arranged for specific customers (the assumption is
> that you're running a consumer broadband access network)?

Some folks sell *Internet* access.  That means "Internet", not "Internet
minus all the stuff we like to filter today".

I'd terminate my contract if my ISP would take away the ability to query
"foreign" DNS servers (usually done to troubleshoot things), to run 
traceroutes, to ping stuff, etc.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20131227/38521910/attachment.sig>


More information about the cisco-nsp mailing list