[j-nsp] NTP Reflection

Mark Tees marktees at gmail.com
Mon Jan 13 17:53:21 EST 2014


I hope I am wrong here but the only place I have seen a decent example of
an accurate and secure lo0 firewall filter was in the Juniper MX series
book?


On Tue, Jan 14, 2014 at 9:44 AM, Paul S. <contact at winterei.se> wrote:

> On 1/14/2014 午前 07:14, Jared Mauch wrote:
>
>> On Jan 13, 2014, at 5:03 PM, Chuck Anderson <cra at WPI.EDU> wrote:
>>
>>  Shouldn't this be SOP anyway?
>>>
>> In the past many ISPs provided time to customers from the router
>> hardware.  The difference I’ve seen here is regarding the speed that
>> devices will respond.  The Juniper devices have a faster processor so will
>> respond much faster than an “ISR” device from other vendors.  The lack of
>> ability to further tweak the ntp.conf is a bit frustrating.
>>
>> - Jared
>>
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
> I've never really seen any ISPs who actually use proper firewall filters
> to allow NTP requests on the routers publicly; so it's 'somewhat'
> manageable - still.
>
> Granted, Juniper should have ways to distinguish client behavior from
> server behavior, still.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>



-- 
Regards,

Mark L. Tees


More information about the juniper-nsp mailing list