North American Network Operators Group

Re: Open Letter to D-Link about their NTP vandalism

  • From: Rubens Kuhl Jr.
  • Date: Fri Apr 07 18:24:37 2006

> > I think he should use dns views to answer the queries to and either:
> > ( a ) answer to all queries from outside his service area
> > ( b ) answer a D-Link IP address to all queries from outside his
> > service area (which could lead to getting their attention; dunno if
> > from their engineers or from their lawyers).
> Neither of which would solve the problem of his bandwidth being used by
> these, although (b) might actually serve to get their attention.

This reduces the bandwidth, as instead of dropping NTP packets, they
would never come to him in the first place.

> Perhaps as a thanks to him for the public service he provides the DIX,
> all of the users at DIX could set their external routers to reject
> incoming NTP packets from networks other than their own? Or even combine

Which still would require him to answer DNS requests for

> that with (b), although it might be more effective if it targeted, oh,
> instead of an IP address.

Answering with CNAME instead of A is a good enhancement of the
original idea... :-)

> Then at least it would not be taking up internal DIX bandwidth capacity.

It still would require him to answer the DNS requests. Only way to
address that is everybody outside DIX declare as in their resolvers.

> By no means am I encouraging legally actionable activity, however, and
> as noted, (b) just might be.

Motion granted.