NTP for ASBRs?

John Kristoff jtk at depaul.edu
Wed May 8 16:17:11 UTC 2019

On Wed, 8 May 2019 07:56:33 +0000
Lars Prehn <lprehn at mpi-inf.mpg.de> wrote:

> do you NTP sync your AS boundary routers? If so, what are incentives for 
> doing so? Are there incentives, e.g. security considerations, not to do it?

In addition to what others have mentioned, if these systems are to
perform route origin validation (ROV), an accurate notion of time would
be desirable.  From section 6 in IETF RFC 7115 / BCP 185 - Origin
Validation Operation Based on the Resource Public Key Infrastructure

   As a router must evaluate certificates and ROAs that are time
   dependent, routers' clocks MUST be correct to a tolerance of
   approximately an hour.


More information about the NANOG mailing list