Re: [Ntp] [EXT] Re: I-D Action: draft-ietf-ntp-alternative-port-00.txt

Steven Sommars <stevesommarsntp@gmail.com> Mon, 02 November 2020 18:50 UTC

To: Harlan Stenn <stenn@nwtime.org>
Cc: "ntp@ietf.org" <ntp@ietf.org>, Miroslav Lichvar <mlichvar@redhat.com>, Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/A68z7NX9f6aMS4BqNiZnsQTcmTg>

> I'd like to see real data on the number of servers that are on the public
> internet that are still vulnerable to this.
>

There is this:
  https://scan.shadowserver.org/ntpmonitor/
  https://scan.shadowserver.org/ntpversion/
There are many servers that give small, unamplified responses. My guess
is there are several thousand that respond with the nasty monlist
amplification.


> > NTP filtering interferes with NTS and the NTP pool on some paths.
>
> I'd like to see real data on this, too.  NTP Pool monitoring can be done
> with simple time queries, and does not require larger NTP packets.
>
Here is some data:

https://weberblog.net/ntp-filtering-delay-blockage-in-the-internet/

http://www.leapsecond.com/ntp/NTP_Suitability_PTTI2020_Revised_Sommars.pdf

NTP Pool monitoring is done with normal mode 3 requests.  I have traced the
NTP packet loss to specific ISPs (they have not responded to my queries).
You can see frustration with "low score" reports at
https://community.ntppool.org/
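
Added example, not part of the original message: a sketch of classifying UDP port 123 payloads by the NTP mode field, so that mode 7 monlist requests are singled out while mode 3 requests (including longer ones carrying extension fields, as NTS uses) pass. The verdict names, the policy and the sample packets are assumptions constructed for illustration.

```python
# Added illustration; packet bytes below are constructed samples, not captures.
MODES = {3: "client", 4: "server", 6: "control", 7: "private"}
MONLIST_CODES = {20, 42}  # REQ_MON_GETLIST, REQ_MON_GETLIST_1 (ntpd mode 7)

def classify(payload):
    """Return (mode_name, verdict) for one UDP/123 payload (hypothetical policy)."""
    if len(payload) < 4:
        return ("malformed", "drop")
    mode = payload[0] & 0x07  # low three bits of the first octet
    name = MODES.get(mode, "other")
    if mode == 7:
        # Mode 7 header: octet 3 carries the request code.
        if payload[3] in MONLIST_CODES:
            return (name, "drop-monlist")
        return (name, "rate-limit")
    if mode == 6:
        return (name, "rate-limit")
    if mode in (3, 4):
        # A time packet needs the 48-octet header; whatever follows is
        # extension fields or a MAC, so extra length is no reason to drop.
        return (name, "allow" if len(payload) >= 48 else "drop")
    return (name, "allow")

def amplification(request_len, response_lens):
    """Bytes returned per byte sent, over all response packets."""
    return sum(response_lens) / request_len

# Constructed samples: LI=0 VN=4 Mode=3 is 0x23; VN=2 Mode=7 is 0x17;
# VN=2 Mode=6 is 0x16.
CLIENT_V4 = bytes([0x23]) + bytes(47)
CLIENT_WITH_EXT = CLIENT_V4 + bytes(100)             # header + extension fields
MONLIST_REQ = bytes([0x17, 0x00, 0x03, 0x2A]) + bytes(4)
CONTROL_REQ = bytes([0x16, 0x02]) + bytes(10)

def report():
    samples = {"client": CLIENT_V4, "client+ext": CLIENT_WITH_EXT,
               "monlist": MONLIST_REQ, "control": CONTROL_REQ}
    return {label: classify(pkt) for label, pkt in samples.items()}

if __name__ == "__main__":
    for label, result in report().items():
        print(label, result)
    # Constructed sizes: a 48-octet request answered by one 48-octet reply,
    # versus a short request answered by many large packets.
    print(amplification(48, [48]), amplification(8, [440] * 100))
```
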