nanog mailing list archives

Re: OpenNTPProject.org

From: Saku Ytti <saku () ytti fi>
Date: Thu, 16 Jan 2014 16:56:33 +0200

On (2014-01-16 14:30 +0000), Dobbins, Roland wrote:

In point of fact, anti-spoofing is most useful and most practical at the access-network edge, or as close to it as 
possible.


We must disagree on definition of practical. Maybe if I'd reword it realistic
we might be closer.

It is not going to happen, the most suspect places are places where it's going
to be most difficult to get, either fully on autopilot with no technical
personnel capable or having the power to make the change or ghetto gear with
no capability for it.

The longer we endorse fantasy the longer it'll take to promote practical
solutions. There is nothing near consensus that IP transit should or even can
be ACLd, but it's really simple and I'm happy to volunteer my time with any
network wishing to implement it.
Very modest amount of ports will produce significant reduction in spoofing
pay-off.

-- 
  ++ytti

Current thread:

Re: OpenNTPProject.org, (continued)
- Re: OpenNTPProject.org Tony Finch (Jan 14)
- Re: OpenNTPProject.org Derek Andrew (Jan 13)
  - Re: OpenNTPProject.org Bjoern A. Zeeb (Jan 13)
    - Re: OpenNTPProject.org Saku Ytti (Jan 13)
    - Re: OpenNTPProject.org Paul Ferguson (Jan 14)
    - Re: OpenNTPProject.org Pierre Lamy (Jan 16)
    - Re: OpenNTPProject.org Mark Andrews (Jan 16)
    - Re: OpenNTPProject.org Damian Menscher (Jan 14)
    - Re: OpenNTPProject.org Saku Ytti (Jan 14)
    - Re: OpenNTPProject.org Dobbins, Roland (Jan 16)
    - Re: OpenNTPProject.org Saku Ytti (Jan 16)
    - Re: OpenNTPProject.org Dobbins, Roland (Jan 16)
    - Re: OpenNTPProject.org Nicolai (Jan 15)
    - "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Christopher Morrow (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Christopher Morrow (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Cb B (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Andrew Sullivan (Jan 16)
    - Re: "trivial" changes to DNS (was: OpenNTPProject.org) Cb B (Jan 16)

(Thread continues...)