I tend to disagree somewhat, you really have to put some context around the request and convey that to your provider. If the request is "please help me block this DDoS traffic so that I can contact the source as it's impacting my ability to do business" I think that is a reasonable request as long as it's not a permanent solution. I have worked through similar incidents in some datacenter in Northern Virginia (Sterling, Ashburn) and all of them accommodated that request at no cost.
-- Michael Gatti [email protected] On Oct 27, 2011, at 8:09 PM, James Ashton wrote: > Christopher, > This is pretty common policy. Not many datacenters of any size is going to > act differently. If you don't purchase this service then you will not get > the service. > > They may be willing work work with you on black-holing problem IPs though. > This is pretty common, but don't expect a filtering package without > purchasing it. > > James > > ----- Original Message ----- > From: "Christopher Pilkington" <[email protected]> > To: "NANOG mailing list" <[email protected]> > Sent: Tuesday, October 25, 2011 2:43:00 PM > Subject: Colocation providers and ACL requests > > Is it common in the industry for a colocation provider, when requested to put > an egress ACL facing us such as: > > deny udp any a.b.c.d/24 eq 80 > > …to refuse and tell us we must subscribe to their managed DDOS product? > > -cjp > > >
