well-known NTP?

Brandon Butterworth brandon at rd.bbc.co.uk
Tue Apr 11 23:26:35 UTC 2006


> [I just happened to see this, browsing at high speed, so please
> forgive me, if I'm out of context.]

You did miss the point (if there is one still).

> a rogue anycast NTP server could create
> substantial amounts of harm from security and other standpoints by
> giving out incorrect time.

It doesn't matter, if people cared they'd use something better. This is
about people configuring and forgetting where they don't really care
(and it's probably not needed or used anyway). Some have discussed
returning bogus data to these unwanted queries, seems no different to an
anycast gone bad.

At least an anycast ntp is there because someone wants people to use it,
if it goes bad the upstreams can stop accepting the announcement. Far
easier than updating the firmware on thousands of boxes to stop
querying someone returning bad data because they don't want their
service used any more (which they could just change address on and
stop worrying about a few packets that are below most ISPs' noise).

brandon



More information about the NANOG mailing list