nanog mailing list archives
Re: NTP for ASBRs?
From: John Kristoff <jtk () depaul edu>
Date: Wed, 8 May 2019 11:17:11 -0500
On Wed, 8 May 2019 07:56:33 +0000 Lars Prehn <lprehn () mpi-inf mpg de> wrote:
do you NTP sync your AS boundary routers? If so, what are incentives for doing so? Are there incentives, e.g. security considerations, not to do it?
In addition to what others have mentioned, if these systems are to perform route origin validation (ROV), an accurate notion of time would be desirable. From section 6 in IETF RFC 7115 / BCP 185 - Origin Validation Operation Based on the Resource Public Key Infrastructure (RPKI): As a router must evaluate certificates and ROAs that are time dependent, routers' clocks MUST be correct to a tolerance of approximately an hour. John
Current thread:
- NTP for ASBRs? Lars Prehn (May 08)
- Re: NTP for ASBRs? Job Snijders (May 08)
- Re: NTP for ASBRs? Christopher Morrow (May 08)
- Re: NTP for ASBRs? Vincent Bernat (May 08)
- Re: NTP for ASBRs? Kenneth McRae via NANOG (May 08)
- Re: NTP for ASBRs? Mark Tinka (May 08)
- RE: NTP for ASBRs? adamv0025 (May 08)
- Re: NTP for ASBRs? Mark Tinka (May 08)
- Re: NTP for ASBRs? Radu-Adrian Feurdean (May 08)
- <Possible follow-ups>
- Re: NTP for ASBRs? John Kristoff (May 08)
- Re: NTP for ASBRs? Scott Weeks (May 08)
- Re: NTP for ASBRs? Bryan Holloway (May 08)
- Re: NTP for ASBRs? Valdis Klētnieks (May 08)
- Re: NTP for ASBRs? Christopher Morrow (May 08)
- Re: NTP for ASBRs? Randy Bush (May 08)
- Re: NTP for ASBRs? Andy Smith (May 09)
- Re: NTP for ASBRs? Christopher Morrow (May 09)
- Re: NTP for ASBRs? Mike Hammett (May 09)
- Re: NTP for ASBRs? Christopher Morrow (May 10)
- Re: NTP for ASBRs? Job Snijders (May 08)