NTP Server

Matthew Petach mpetach at netflight.com
Sun Oct 24 20:48:35 UTC 2010


On Sun, Oct 24, 2010 at 8:34 AM, Brandon Kim <brandon.kim at brandontek.com> wrote:
>
> Hey guys:
>
> I wanted to open up this question regarding NTP server. I recalled someone had created a posting of this quite awhile back.
> From a service provider/ISP standpoint, does anyone think that having a local NTP server is really necessary?
>
> I've asked some of my fellow engineers at work and many of them give me the same response, "Can't we just use free ones out on the internet?"

Depends on how much you trust other people.
NTP can potentially be used as a DoS vector by your upstream clocks,
if you're not running your own.

I've seen 50,000 servers panic in the blink of an eye when the NTP source
issued a leap second, and the kernel wasn't patched to handle it properly;
and that's a forward leap second.  Nobody's tested reverse leap seconds
yet; who knows what would happen to your hosts if your upstream NTP
servers decided to issue a reverse leap second towards you?  Granted, if
you choose enough diverse upstream clocks, that becomes more difficult
for someone to exploit; but it's not impossible, and you can't count on
keeping your upstream clock sources secret, given the bidirectional
communication that can take place between NTP servers.

*shrug*  It's cheap enough to run your own clock sources, once you're
above a certain size, and it's one less potential attack vector from the
outside; why wouldn't you want to secure your edge against it?

Matt
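An added illustration of the "diverse upstream clocks" point above (example code, not part of Matt's or Brandon's posts): a client-side sanity check that parses the leap indicator, stratum and transmit timestamp from NTPv4 reply headers (RFC 5905 layout: LI in the top two bits of byte 0, stratum in byte 1, transmit timestamp in bytes 40-47), then refuses a source that announces a leap second the majority does not, or whose offset is an outlier. The server names, the local clock value and the reply packets are constructed sample data; `max_spread` and `min_agreeing` are assumed thresholds, not ntpd's.

```python
import struct
from collections import Counter
from statistics import median

NTP_EPOCH_OFFSET = 2_208_988_800  # seconds from 1900-01-01 (NTP era 0) to 1970-01-01 (Unix)
LI_NAMES = {0: "none", 1: "insert", 2: "delete", 3: "unsynchronized"}

def build_ntp_reply(li, stratum, tx_unix):
    """Constructed test helper: minimal 48-byte NTPv4 server reply (VN=4, mode=4)."""
    first = (li << 6) | (4 << 3) | 4
    sec = int(tx_unix) + NTP_EPOCH_OFFSET
    frac = int((tx_unix - int(tx_unix)) * 2**32)
    return bytes([first, stratum, 0, 0]) + b"\x00" * 36 + struct.pack("!II", sec, frac)

def parse_ntp_header(pkt):
    """Extract leap indicator, stratum and transmit time (Unix seconds) from a reply."""
    if len(pkt) < 48:
        raise ValueError("short NTP packet")
    li, stratum = pkt[0] >> 6, pkt[1]
    sec, frac = struct.unpack("!II", pkt[40:48])
    return {"li": li, "stratum": stratum, "tx_unix": sec - NTP_EPOCH_OFFSET + frac / 2**32}

def vet_sources(replies, local_now, max_spread=0.128, min_agreeing=2):
    """Return (accepted, rejected) for {name: raw reply}. A source is rejected if it is
    unsynchronized, announces a leap the majority does not, or its offset from the
    local clock differs from the median offset by more than max_spread seconds."""
    parsed = {n: parse_ntp_header(p) for n, p in replies.items()}
    offsets = {n: h["tx_unix"] - local_now for n, h in parsed.items()}
    med = median(offsets.values())
    majority_li = Counter(h["li"] for h in parsed.values()).most_common(1)[0][0]
    accepted, rejected = [], {}
    for name, h in parsed.items():
        if h["stratum"] == 0 or h["li"] == 3:
            rejected[name] = "unsynchronized (stratum 0 or LI=3)"
        elif h["li"] != majority_li:
            rejected[name] = f"leap indicator '{LI_NAMES[h['li']]}' disagrees with majority"
        elif abs(offsets[name] - med) > max_spread:
            rejected[name] = f"offset {offsets[name]:+.3f}s is an outlier"
        else:
            accepted.append(name)
    if len(accepted) < min_agreeing:  # never step the clock on one source's say-so
        return [], {**rejected, "*": "too few agreeing sources; clock left alone"}
    return accepted, rejected

# Constructed scenario: two sane upstreams and one announcing a reverse leap second.
SAMPLE_NOW = 1_288_000_000.0
SAMPLE_REPLIES = {
    "ntp-a.example": build_ntp_reply(0, 2, SAMPLE_NOW + 0.012),
    "ntp-b.example": build_ntp_reply(0, 2, SAMPLE_NOW - 0.008),
    "ntp-c.example": build_ntp_reply(2, 1, SAMPLE_NOW - 1.0),
}

def demo():
    return vet_sources(SAMPLE_REPLIES, SAMPLE_NOW)

if __name__ == "__main__":
    print(demo())
```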




More information about the NANOG mailing list