Majdi S. Abbas wrote:
On Wed, Oct 21, 2015 at 09:25:25PM +0200, Rob Janssen wrote:
As I have written before, all KoD code should simply be removed.
It serves no useful purpose and it introduces an extra risk.
Depends, inside a campus network where you filter on your
edges you might choose to run both kod and limited on local restrict
lines in order to provide hints to local clients in your rough
administrative domain.
There is no reason to believe that anyone who wants to abuse your server
would be deterred by replies telling them not to do so. And there have been
incidents where the broken clients that abused the servers did not understand
the KoD replies and retried the request even quicker.
The protocol as it is now has no power to stop clients from sending requests
to servers, and the only thing that can be done to limit the load and traffic
is to remain silent. And even that can cause trouble.
Also, providers should implement BCP38. The internet community
should prepare a plan to turn it into an enforced standard.
Should, sure, but aren't incented to and nobody's got the
power to do that. How do you propose to 'enforce' such a thing?
When a sufficiently large part of the internet decides that enough is enough,
they can just cut off the part that does not want to cooperate. Similar action
has been performed to cut off relaying mail servers and other spam senders.
Rob
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
