>>>>> "Ross Patterson" writes:
Ross> Several Internet service providers (the real kind, like PSI
Ross> and AlterNet, not the pseudo-online-services like Digex and
Ross> Netcom) have what could best be described as a "reverse
Ross> firewall", strictly for business reasons. In an effort to
Ross> prevent their customers from becoming piggy-back service
Ross> providers (like some long-distance telephone services),
Ross> these companies limit the traffic coming *out* of their
Ross> customers' networks to just those network numbers that have
Ross> been identified in the contract as the customers'.
While we at AlterNet are happy that you consider us "the real kind" of
Internet service provider, some of what you describe above doesn't
really jibe with the facts.
We don't do packet filtering on our routers. There are several reasons
for this, not least of which is the impact that such filtering would
have on router throughput if we did it everywhere.
It is possible that you are referring to BGP route filtering. We do
limit which routes we'll accept from our BGP peers, as it prevents
customer configuration problems from affecting the backbone. This has
very little to do with "preventing customers from becoming piggy-back
service providers" and everything to do with preventing people from
feeding us bogus routing information.
It could also be said that we "block traffic" if the customer hasn't
provided us with a request to route a particular network. Again, this
has nothing to do with "preventing piggy-back providers", but simply
that static routed customers don't receive traffic for which there's
no route. My apologies if this seems obvious, but in the current
climate of concern about the routing infrastructure, it pays to be
I hope this clarifies things. Also, if you have questions about
AlterNet's policies, feel free to call us. We're happy to talk to
customers, prospective customers, and other providers.
ObFirewall: AlterNet is now offering security consulting services to
our customers and others. I'm not going to plug things here on the
list, so mail or call me for more information.
Bob Stratton Sr. Engineer
UUNET Technologies, Inc. strat @
3110 Fairview Park Dr., Suite 570 Voice) +1 703 204 8000
Falls Church, Va 22042 Fax) +1 703 204 8001