TWC (AS11351) blocking all NTP?
Joel M Snyder
Joel.Snyder at Opus1.COM
Mon Feb 3 19:21:56 UTC 2014
> It seems thata hosts sending large amounts of NTP traffic over the
> public Internet can be safely filtered if you don't already know that
> it's one of the handful that's in the ntp.org pools or another well
> known NTP master.
Speaking as one of the 3841 servers in the pool.ntp.org pool, I'm happy
to be described as a "handful," something my mother used to say, but I
do feel obligated to point out that it's a pretty big handful especially
if you want to be fiddling ACLs on an hourly basis which is pretty much
what it takes.
And, of course, if you're one of that handful, then you've pretty much
got to allow that NTP traffic in, although you're also probably,
hopefully, clue-full enough not to let random hosts make you a DDoS
accelerator.
(the other) jms
--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One Phone: +1 520 324 0494
jms at Opus1.COM http://www.opus1.com/jms
More information about the NANOG
mailing list