Re: [time] Requests from 10.0.0.*

Thu, 20 Sep 2007 08:26:34 -0700 

On Thu, Sep 20, 2007 at 10:58:37AM -0400, der Mouse wrote (that someone
else wrote):

||  > I have seen an increase in NTP requests from addresses in the
||  > 10.0.0.* net in the past couple of weeks.
||
||  These indicate that *someone* isn't doing proper ingress filtering;
||  RFC1918-private addresses should not be hitting you from the outside.

I'm not sure I'd want my ISP blocking packets with globally unroutable
source addresses.  As long as they're targeted at me, I'll have them.

In fact, I don't really want my ISP to do any filtering.  I want them
to shove around packets for me.

||  Since 10/8 is not globally routed, they have to be coming from your
||  side of your upstream default-free zone, which probably means your own
||  ISP.

I think you're mixing source and destination addresses.

||  > Is this misconfigured networking on the client's end?
||
||  Yes.  Also badly misconfigured networking on your ISP's end.

Not badly, but I'll accept that it's debatable if it's a misconfiguration.

Then again, perhaps it's even some host on the ISP's internal network
querying the time server.  In that case, replies to the 10/8 address might
very well arrive at the correct destination, since no global routing is
ever applied.  You'd even be able to ping such a host, and more.

||  > Any chance of tracking these clients down and helping them out?
||
||  Depends.  If your ISP is competent, this is just an "uh..oops!" they
||  should fix pronto once it's brought to their attention.  If not, you
||  may have trouble finding anyone who even understands the issue....

Anyone sending out such packets will probably have a very hard time
getting a reply.  If there is a problem, it will sort out itself soon
enough.

Ciao.                                                             Vincent.
-- 
Vincent Zweije <[EMAIL PROTECTED]>    | "If you're flamed in a group you
<http://www.xs4all.nl/~zweije/>      | don't read, does anybody get burnt?"
[Xhost should be taken out and shot] |            -- Paul Tomblin on a.s.r.

Attachment: signature.asc
Description: Digital signature

_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers

Reply via email to