[169393] in North American Network Operators' Group


Re: Filter NTP traffic by packet size?

daemon@ATHENA.MIT.EDU (Chris Laffin)
Sat Feb 22 19:44:19 2014

From: Chris Laffin <claffin@peer1.com>
To: "nanog@nanog.org list" <nanog@nanog.org>
Date: Sun, 23 Feb 2014 00:43:34 +0000
In-Reply-To: <5308CA7A.4020905@mykolab.com>
X-MAIL-FROM: <claffin@peer1.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Has anyone talked about policing ntp everywhere? Normal traffic levels are extremely low but the ddos traffic is very high. It would be really cool if peering exchanges could police ntp on their connected members.

> On Feb 22, 2014, at 8:05, "Paul Ferguson" <fergdawgster@mykolab.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>> On 2/22/2014 7:06 AM, Nick Hilliard wrote:
>>
>>> On 22/02/2014 09:07, Cb B wrote:
>>> Summary IETF response:  The problem i described is already solved
>>> by bcp38, nothing to see here, carry on with UDP
>>
>> udp is here to stay.  Denying this is no more useful than trying to
>> push the tide back with a teaspoon.
>
> Yes, udp is here to stay, and I quote Randy Bush on this, "I encourage
> my competitors to block udp."  :-p
>
> - - ferg
>
>
> - --
> Paul Ferguson
> VP Threat Intelligence, IID
> PGP Public Key ID: 0x54DC85B2
>

