On Nov 13, Marco Marzetti <[email protected]> wrote: > Carriers cannot do that as they cannot drop ALL the traffic from a > certain source if the request is not coming from the owner. They may want to do this for policy reasons, usually because malicious traffic is being sourced and the customer is not responsive: I do this routinely.
> Contents are usually targets, not sources and it's easier/cheaper for > them to halt the VM or shut the port on the switch that signaling null > route via BGP. That host may be on a customer infrastructure which we do not control, so it cannot be shut down without impact on other services. Also, it is usually better for customer experience and to allow some early forensic analysis to drop connectivity to a compromised host than to just shut it down. -- ciao, Marco _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
