[168714] in North American Network Operators' Group
Re: TWC (AS11351) blocking all NTP?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Mon Feb 3 15:47:23 2014
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <alpine.BSF.2.00.1402031527540.58824@joyce.lan>
Date: Mon, 3 Feb 2014 15:46:50 -0500
To: "John R. Levine" <johnl@iecc.com>
Cc: Joel M Snyder <Joel.Snyder@Opus1.COM>, nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 3, 2014, at 3:29 PM, John R. Levine <johnl@iecc.com> wrote:
>>> It seems thata hosts sending large amounts of NTP traffic over the
>>> public Internet can be safely filtered if you don't already know =
that
>>> it's one of the handful that's in the ntp.org pools or another well
>>> known NTP master.
>>=20
>> Speaking as one of the 3841 servers in the pool.ntp.org pool, I'm =
happy to be described as a "handful," something my mother used to say, =
but I do feel obligated to point out that it's a pretty big handful =
especially if you want to be fiddling ACLs on an hourly basis which is =
pretty much what it takes.
>=20
> I was thinking that the ntp.org servers on any particular network are =
a small set of exceptions to a general rule to rate limit outgoing NTP =
traffic.
www.pool.ntp.org allows any NTP operator to opt-in to receive NTP =
traffic should their clock be available and accurate.
- Jared=
