NTP Sync Issue Across Tata (Europe)
Mel Beckman
mel at beckman.org
Tue Aug 8 19:56:33 UTC 2023
Go for it. I’m sure NTS’ complexity clocks lots of hours for expensive consultants :)
Me, I’m sticking with GPS.)
-mel via cell
On Aug 8, 2023, at 11:34 AM, Rubens Kuhl <rubensk at gmail.com> wrote:
So little deployment that has 3500 occurrences according to shodan.io<http://shodan.io>. With such few choices, It should be hard to find suitable options.
Rubens
Em ter., 8 de ago. de 2023 13:02, Mel Beckman <mel at beckman.org<mailto:mel at beckman.org>> escreveu:
I’m familiar with NTS, which is pointedly not NTP. That’s like saying “TCP port 80 can be made secure,: just use a VPN!” Perhaps when NTS is widely deployed it will be an option. As the RFC was only approved in 2020, that will probably take a decade. Or more. (I’m talking about you, IPv6 :) Not to mention the complexity or NTS for hardware implementation in network elements, a primary application (https://tinyurl.com/ntsishard).
-mel
> On Aug 8, 2023, at 8:26 AM, Rubens Kuhl <rubensk at gmail.com<mailto:rubensk at gmail.com>> wrote:
>
> On Tue, Aug 8, 2023 at 12:12 PM Mel Beckman <mel at beckman.org<mailto:mel at beckman.org>> wrote:
>>
>> Until the Internet NTP network can be made secure, no.
>
> Internet NTP can be made secure, it's called NTS.
> https://developers.cloudflare.com/time-services/nts/ describes it with
> links to the RFC, and describes one of the many NTP servers that is
> available with NTS, time.cloudflare.com<http://time.cloudflare.com>. I already mentioned 5 others,
> and there are many more than those 6.
>
>
> Rubens
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20230808/31b7766c/attachment.html>
More information about the NANOG
mailing list