North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Abuse procedures... Reality Checks

  • From: Robert Bonomi
  • Date: Sat Apr 07 20:53:17 2007


> From: "Frank Bulk" <frnkblk@xxxxxxxxx>
> Subject: RE: Abuse procedures... Reality Checks
> Date: Sat, 7 Apr 2007 16:20:59 -0500
>
> > If they can't hold the outbound abuse down to a minimum, then 
> > I guess I'll have to make up for their negligence on my end.  
>
> Sure, block that /29, but why block the /24, /20, or even /8?  Perhaps your
> (understandable) frustration is preventing you from agreeing with me on this
> specific case.  Because what you usually see is an IP from a /20 or larger
> and the network operators aren't dealing with it.  In the example I gave
> it's really the smaller /29 that's the culprit, it sounds like you want to
> punish a larger group, perhaps as large as an AS, for the fault of smaller
> network.

BLUNT QUESTIONS:  *WHO*  pays me to figure out 'which parts' of a provider's
network are riddled with problems and 'which parts' are _not_?  *WHO* pays
me to do the research to find out where the end-user boundaries are? *WHY*
should _I_ have to do that work -- If the 'upstream provider' is incapable of
keeping _their_own_house_ clean, why should I spend the time trying to figure
out which of their customers are 'bad guys' and which are not?

A provider *IS* responsible for the 'customers it _keeps_'.

And, unfortunately, a customer is 'tarred by the brush' of the reputation
of it's provider.

> Smaller operators, like those that require just a /29, often don't have that
> infrastructure.  Those costs, as I'm sure you aware, are passed on to
> companies like yourself that have to maintain their own network's security.
> Again, block them, I say, just don't swallow others up in the process.

If the _UPSTREAM_ of that 'small operator' cannot 'police' its own customers,
Why should _I_ absorb the costs that _they_ are unwilling to internalize?

If they want to sell 'cheap' service, but not 'doing what is necessary', I
see no reason to 'facilitate' their cut-rate operations.

Those who buy service from such a provider, 'based on cost',  *deserve* what
they get, when their service "doesn't work as well" as that provided by the
full-price competition.

_YOUR_ connectivity is only as good as the 'reputation' of whomever it is 
that you buy connectivity from.

You might want to consider _why_ the provider *keeps* that 'offensive' 
customer.  There would seem to be only a few possible explanations:  (1) they
are 'asleep at the switch', (2) that customer pays enough that they can
'afford' to have multiple other customers who are 'dis-satisfied', or who
may even leave that provider, (3) they aren't willing to 'spend the money'
to run a clean operation.  (_None_ of those seems like a good reason for _me_
to spend extra money 'on behalf of' _their_ clients.)