On Sat, 7 Jun 2003, Robert Boyle wrote:
We run NTP client and server on all of our customer-touching and core routers, and we just tell them to make their WAN gateway their NTP server. This works well for us, and we need to have correct and synchronized time on all of our routers for logging and debugging purposes anyway. The processor penalty seems to be very minimal (if anything) to respond to NTP requests, and it seems to make sense to further the load distribution as much as possible. Do others do this? Does anyone see a reason it shouldn't be done this way? It just seemed to make sense to me.
Already published in other forums. As a general principle, having an open UDP port exposes your network infrastructure either to something like an NTP worm (if one were written) or to a great attack amplifier by spoofing NTP queries from a victim's IP address. You can search Google for other NTP-specific security issues. Unfortunately, ISPs need to supply services to customers, and every service is potentially vulnerable to some type of attack. Even an isolated network such as the proposed GOVNET is vulnerable to certain types of attacks.

ISPs provide time services in a few common ways:

1. They don't provide time service; use a "public" time server.
2. They provide time service from/to only selected NTP servers.
3. They provide time service from the router interface to only the direct customer network.
4. They provide time service to anyone.
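As an added illustration that is not part of the thread, here are the four deployment styles above written as ntpd (ntp.conf) access-control lines. The upstream name time.example.net, the customer prefix 192.0.2.0/24 and the 4.2.x ntpd flag set are assumptions; the point of the contrast is that an ordinary mode 3/4 time exchange is 48 bytes each way and offers no amplification, whereas mode 6/7 control queries answer with much larger responses, so a spoofed query only pays off against a server that answers those to anyone.

```conf
# Added example, not from the thread: ntp.conf access control for the four
# ISP styles described above. time.example.net and 192.0.2.0/24 are
# placeholders (assumptions); substitute your own upstream and customer prefix.

# --- Style 4, "time service to anyone" (the exposed configuration) ---
# With no restrict lines at all, ntpd answers time requests, mode 6/7
# control queries and peering attempts from any source address.  A spoofed
# control query from a victim's address then draws a response much larger
# than the request, which is the amplifier the reply warns about.
#
#   server time.example.net
#
# The widely copied "hardened default" below still serves time to the
# whole Internet (style 4), it only stops control queries and remote
# reconfiguration; kod+limited rate-limits abusers with kiss-o'-death.
#
#   restrict default kod limited nomodify notrap nopeer noquery

# --- Styles 1-3: drop everything by default, then open only what is needed ---
restrict default ignore
restrict -6 default ignore

# Local management with ntpq/ntpdc stays possible.
restrict 127.0.0.1
restrict -6 ::1

# Style 1 (client only) and style 2 (selected servers only): one server line
# plus one restrict line per upstream.  The restrict lets its replies in but
# denies it control queries (noquery), reconfiguration (nomodify), traps
# (notrap) and symmetric peering (nopeer).  Use the IP address here if the
# hostname resolves to several addresses, since restrict matches on address.
server time.example.net iburst
restrict time.example.net nomodify notrap noquery nopeer

# Style 3 (directly attached customer network only): time requests from this
# prefix are answered; control queries, peering and anything from outside the
# prefix still fall through to "restrict default ignore".  Omit this block for
# style 1, where the router is a client and serves nobody.
restrict 192.0.2.0 mask 255.255.255.0 nomodify notrap noquery nopeer
```

Check the result from outside the customer prefix with `ntpdate -q` or `ntpq -p` against the router: a style 3 box answers the first only from 192.0.2.0/24 and the second from nowhere but localhost. On Cisco IOS routers, which the original post is about, the same split is expressed with `ntp access-group serve-only <acl>` for the customer prefix and `ntp access-group peer <acl>` for the upstream servers.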