TWC (AS11351) blocking all NTP?

William Herrin bill at
Tue Feb 4 18:55:03 UTC 2014

On Tue, Feb 4, 2014 at 1:03 PM, Jared Mauch <jared at> wrote:
>> On Feb 4, 2014, at 11:52 AM, William Herrin <bill at> wrote:
>>> Those that are up in arms about this stuff seem to not be the ones asking
>>> the vendors for features and fixes.
>> Like I said, the "tier 1's" can't be the source of the solution until
>> they stop being part of the problem.
> This is the attitude that I've seen elsewhere that is devoid of any meat.
> As I said before, we hit a big preventing the ability to do this even if
> we wanted to. The impact is drop all traffic or permit all in that case.

Hi Jared,

I'm not confident you caught the implications of what I said. At the
reciprocal peering link, you don't drop the spoofed traffic. You let
it flow. You then charge a penalty when it turns out the peering
traffic includes spoofed packets. The impact isn't drop or permit.
It's dollars. Those who can't or won't control their customer links
(where they trivially know what addresses are allowed) start to pay
large amounts of money where they peer. More money than it takes to to
properly implement customer-link filters so that they don't send
spoofed packets to the peer.

No new tech. No blocking. Just cashflow.

Bill Herrin

William D. Herrin ................ herrin at  bill at
3005 Crane Dr. ...................... Web: <>
Falls Church, VA 22042-3004

More information about the NANOG mailing list