On Thu, Dec 6, 2018 at 11:12 AM Jared Mauch wrote: > UDP is filtered or policed by network operators not because they want > it, but as self-defense. Nothing personal. If you are on the end of > a long subsea circuits, you may not be able to use UDP based > protocols. If you are trying to SNMP poll over public internet > because you think you can e2e, you will become sad. No operator wants > to deploy these configurations, they must because of the problems.
I do get the need for self-defense. But ... Does this apply to all UDP or just specific UDP-based protocols? What I commented on specifically was UDP/443 (QUIC), something that people are actually trying to deploy. If you block it, is that based on evidence of actual UDP/443 attacks? Mike Heard _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
