Re: BCP38.info, RELATING: TWC (AS11351) blocking all NTP?

["Dobbins, Roland" <rdobbins () arbor net>]

On Feb 3, 2014, at 3:24 PM, Michael DeMan <nanog () deman com> wrote:

> I meant mostly that with IPv6 NAT goes away,

I don't know if this is true or not - and even if it is true, it's going to be a long, long time before the IPv4 
Internet goes away (like, maybe, pretty much forever, heh).

> An NTPv5 solution that could be done with NTP services already, and would be more of a 'best practices of how this 
> shit starts up and what it can do' and educating vendors to have reasonable behavior in the first place?

Yes, but that's many years away, and doesn't address legacy issues.

> And an NTPv6 solution/RFC/guideline that was similar, could help?

Again, many years away, and doesn't address legacy issues.

> I disagree that 'filtering' or 'blocking' any kind of IPv4 or IPv6 protocol to 'protect the end user' is the wrong 
> way to go when compared to just having things work in a secure manner.

Yes, but since the latter part of this statement is unattainable in the foreseeable future, the idea is actually to 
protect *the rest of the Internet* from misconfigured CPE.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton