North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Open Letter to D-Link about their NTP vandalism

  • From: Martin Hannigan
  • Date: Wed Apr 12 01:03:39 2006

At 11:47 PM -0400 4/11/06, Brian Dickson wrote:
Two concrete technical suggestions to mitigate the volunteered NTP server's
usage issues at the DIX:

(1) Have someone else anycast the DIX block, and NAT the incoming NTP requests
to another NTP stratum-1 server (eg pool address(es)).

Or a much better idea:

(2) Renumber into a new /24, which is announced only at the DIX with no-export,
so that only DIX members are able to reach the server - as was the intended
usage of this NTP server in the first place.
All these messages for a device that:

- probably uses ntp for internal log cacheing
- is a home/SOHO device
- a box that can't be chimed
- has ntp on the wan port only

I wonder who DNS servers they embedded.


Martin Hannigan                                (c) 617-388-2663
Renesys Corporation                            (w) 617-395-8574
Member of Technical Staff                      Network Operations
                                              [email protected]