NTP versions in production use?

Harlan Stenn stenn at nwtime.org
Sun Jul 12 22:23:58 UTC 2015 

On 7/12/15 11:31 AM, Valdis.Kletnieks at vt.edu wrote:
> On Sun, 12 Jul 2015 10:15:20 -0400, "Mike O'Connor" said:
> 
>> :Thanks, and I'm kinda stunned that folks are running such ancient
>> :versions of NTP.
>>
>> I suggest you get accustomed to being stunned.
> 
> He obviously didn't see my post a few weeks back about hosts that were
> looking for an NTP server that went out of service back in 1999. And yes,
> some were still using NTP v1 and v2.
> 
> There's a *lot* of stuff on very serious autopilot out there....

I did see it, and I was assuming it was a "local" configuration problem.
 This is "death by 1,000 cuts" and when I wrote my recent query I was
looking for the big offenders.

To me this situation goes hand-in-hand with the problems getting bcp38
deployed, and what Dan Geer talked about in his keynote speech at Black
Hat 2014:

 http://www.youtube.com/watch?v=nT-TGvYOBpI

I get that some folks have real problems with their build systems and
it's hard to upgrade software tools in that environment.  I know it's
can be expensive to solve that problem.  I'd love to find a way to have
the "versioned tool chain" stuff that I implemented at Cisco/Andiamo be
generally available, but I haven't found that many folks willing to
support it yet and I just don't have the spare cycles to add that to my
"do it for free" pile.

I do know that if more companies were to use this sort of tool that the
argument of "we can't patch older releases because we don't have those
tools anymore and the Q/A process becomes horribly expensive"  goes
away.  And that also means that it's far less expensive and therefore
far more profitable to offer maintenance support on older software
releases for much longer periods of time.  But I must be missing
something here as well, as I was never able to make headway with this
idea when I was at Cisco.
-- 
Harlan Stenn <stenn at nwtime.org>
http://networktimefoundation.org - be a member!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 670 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150712/35795b28/attachment.sig>

More information about the NANOG mailing list