this might have been a technical decision, to block udp:123 from ipv6 sources, because of the possibility of DoS amplification, then executed badly? https://www.cloudflare.com/en-gb/learning/ddos/ntp-amplification-ddos-attack/
but, still, one would think that Hyperoptic would have appropriate ingress rules on their CPEs and elsewhere to prevent spoofing, as well as permit udp:123 from their customers.
