<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:black;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-AU" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">Dear Nathan<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">I can understand your pain of wanting control especially to protect your interfaces from unwanted denial of service traffic, as network BGP interfaces are very common targets against
networks.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">Whilst Telstra’s policy is to supply a TID IP address they also allow you to place ACL rules for TID IP address space using the custdata portal, which can be extremely useful.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">This way you can deny any unwanted traffic towards the TID IP address on both sides of the interface, effectively making the TID IP address inaccessible if required.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">Examples which might be useful are below where 1.1.1.1 is your TID IP
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">Deny ip any 1.1.1.1 0.0.0.3<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">Deny icmp any 1.1.1.1 0.0.0.3<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">If you need any help or advise in securing services from DDoS attacks just ask
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US">Kindest Regards<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><b><span lang="EN-US" style="font-family:"Verdana",sans-serif;color:black">James Braunegg<br>
</span></b><b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">P:</span></b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black"> 1300 769 972 |
<b>M:</b> 0488 997 207 | <b>D:</b> (03) 9751 7616<o:p></o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">E:</span></b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">
</span><span lang="EN-US" style="color:black"><a href="mailto:james.braunegg@micron21.com"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">james.braunegg@micron21.com</span></a></span><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">
| <b>ABN:</b> 12 109 977 666 <br>
<b>W:</b> <a href="http://www.micron21.com/ddos-protection"><span style="color:black">www.micron21.com/ddos-protection</span></a>
<b>T:</b> @micron21<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">Follow us on
</span><span style="color:black"><a href="http://www.twitter.com/micron21"><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">Twitter</span></a></span><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">
</span><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">for important service and system updates.<br>
<br>
</span><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black"><img border="0" width="167" height="26" id="Picture_x0020_1" src="cid:image002.jpg@01D2652A.48F1E590" alt="M21.jpg"></span><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black"><br>
</span><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:black">This message is intended for the addressee named above. It may contain privileged or confidential information. If you are not the intended recipient of this message you must not
use, copy, distribute or disclose it to anyone other than the addressee. If you have received this message in error please return the message to the sender by replying to it and then delete the message from your computer.<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> AusNOG [mailto:ausnog-bounces@lists.ausnog.net]
<b>On Behalf Of </b>Nathan Brookfield<br>
<b>Sent:</b> Monday, 2 January 2017 6:21 PM<br>
<b>To:</b> <ausnog@lists.ausnog.net> <ausnog@lists.ausnog.net><br>
<b>Subject:</b> [AusNOG] Telstra Internet Direct - BGP<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">Hi Guys,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Looking for advice and guidance from anyone else on list who has provisioned Transit services with Telstra in the past. Last year we placed orders for TID services and during the LOLO ordering process there was an option
for us to supply /30 IP addressing for our sessions to Telstra “which gave me a false sense of acceptance”.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">That was, until the IP Assurance guys came back to us in September advising that only TID IP addressing was allowed for the adjacency interfaces and that we would not be allowed to use our own address space. Now, that
doesn’t sound unreasonable except for the fact that we have a policy across all upstream transit networks to only use our own IP space for several reasons, the primary one being to provide us with a higher level of control during a denial of service attack
and we’ve never had a transit provider push back on us with this until now.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Has anyone had this experience with Telstra and experienced success in having them not enforce the policy of Telstra /30’s for direct private interfaces or should I give up now?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Thanks in advance,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="background:white"><span lang="EN-US" style="font-size:10.0pt;color:#1F497D">Kindest Regards,</span><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif;color:#212121"><o:p></o:p></span></p>
<p class="MsoNormal" style="background:white"><span lang="EN-US" style="font-size:10.0pt;color:#365F91">Nathan Brookfield (VK2NAB)</span><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif;color:#212121"><o:p></o:p></span></p>
<p class="MsoNormal" style="background:white"><span lang="EN-US" style="font-size:10.0pt;color:#365F91"> </span><span style="font-size:9.0pt;font-family:"Arial",sans-serif;color:#AD2A43"><br>
</span><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:#ED7D31">CONFIDENTIALITY & PRIVILEGE NOTICE</span><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:#AD2A43"><br>
</span><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:gray"><br>
</span><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:#A6A6A6">The information contained in this email and any attached files is strictly private and confidential. The intended recipient of this email may only use, reproduce, disclose or
distribute the information contained in this email and any attached files with Simtronic Technologies Pty Ltd’s permission. If you are not the intended recipient, you are strictly prohibited from using, reproducing, adapting, disclosing or distributing the
information contained in this email and any attached files or taking any action in reliance on it. If you have received this email in error, please email the sender by replying to this message, promptly delete and destroy any copies of this email and any attachments.<br>
<br>
It is your responsibility to scan this communication and any files attached for computer viruses and other defects and recommend that you subject these to your virus checking procedures prior to use. Simtronic Technologies Pty Ltd does NOT accept liability
for any loss or damage (whether direct, indirect, consequential, economic or other) however caused, whether by negligence or otherwise, which may result directly or indirectly from this communication or any files attached.</span><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif;color:#212121"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
</body>
</html>