nanog mailing list archives

Re: NTP for ASBRs?

From: John Kristoff <jtk () depaul edu>
Date: Wed, 8 May 2019 11:17:11 -0500

On Wed, 8 May 2019 07:56:33 +0000
Lars Prehn <lprehn () mpi-inf mpg de> wrote:

do you NTP sync your AS boundary routers? If so, what are incentives for 
doing so? Are there incentives, e.g. security considerations, not to do it?


In addition to what others have mentioned, if these systems are to
perform route origin validation (ROV), an accurate notion of time would
be desirable.  From section 6 in IETF RFC 7115 / BCP 185 - Origin
Validation Operation Based on the Resource Public Key Infrastructure
(RPKI):

   As a router must evaluate certificates and ROAs that are time
   dependent, routers' clocks MUST be correct to a tolerance of
   approximately an hour.

John

Current thread:

NTP for ASBRs? Lars Prehn (May 08)
- Re: NTP for ASBRs? Job Snijders (May 08)
  - Re: NTP for ASBRs? Christopher Morrow (May 08)
- Re: NTP for ASBRs? Vincent Bernat (May 08)
  - Re: NTP for ASBRs? Kenneth McRae via NANOG (May 08)
  - Re: NTP for ASBRs? Mark Tinka (May 08)
  - RE: NTP for ASBRs? adamv0025 (May 08)
- Re: NTP for ASBRs? Mark Tinka (May 08)
- Re: NTP for ASBRs? Radu-Adrian Feurdean (May 08)
- <Possible follow-ups>
- Re: NTP for ASBRs? John Kristoff (May 08)
- Re: NTP for ASBRs? Scott Weeks (May 08)
  - Re: NTP for ASBRs? Bryan Holloway (May 08)
  - Re: NTP for ASBRs? Valdis Klētnieks (May 08)
    - Re: NTP for ASBRs? Christopher Morrow (May 08)
    - Re: NTP for ASBRs? Randy Bush (May 08)
    - Re: NTP for ASBRs? Andy Smith (May 09)
    - Re: NTP for ASBRs? Christopher Morrow (May 09)
    - Re: NTP for ASBRs? Mike Hammett (May 09)
    - Re: NTP for ASBRs? Christopher Morrow (May 10)
- Re: NTP for ASBRs? Scott Weeks (May 08)

(Thread continues...)