Open Letter to D-Link about their NTP vandalism

Nicholas Suan nsuan at nonexiste.net
Sat Apr 8 16:17:20 UTC 2006


On Sat, Apr 08, 2006 at 10:51:27AM -0500, Church, Chuck wrote:

> Since the intended (and announced) use of this server is just for DIX
> networks, blocking NTP from any other networks should be trivial.  That
> IP address will still be hit by D-Link devices looking for a suitable
> server, but with no response, they'll move onto another device, and
> probably never try the DIX address again, at least until they're
> rebooted.  That alone should kill off 95% of the unwanted traffic
> hitting the box, and probably 80% of the traffic even being sent to DIX
> in the first place.
> 

It would be nice if it were that simple. However there are an annoyingly
large amount of poorly-written clients whose polling ratios do not
decrease after they get no response from the server. There have even
been some clients whose polling rate *increases* after they get no
response.



More information about the NANOG mailing list