[AusNOG] Stopping unwanted random NTP traffic

Andrew Tschudi andrewtschudi at gmail.com
Wed Apr 16 10:24:50 EST 2014


The problem is our upstream provider could not help us stop the traffic and
we ran out of network capacity. Engineering said they can look at blocking
the traffic as part of a special project which might take 6 weeks.

Andrew



On Wed, Apr 16, 2014 at 10:15 AM, Dobbins, Roland <rdobbins at arbor.net>wrote:

>
> On Apr 16, 2014, at 7:13 AM, Andrew Tschudi <andrewtschudi at gmail.com>
> wrote:
>
> > We were the target of the attacks and have no open NTP servers on our
> network.
>
> Gotcha.
>
> In that case, you can use QoS to police down non-76-byte UDP/123 traffic
> to 1mb/sec in aggregate or thereabouts, and ask your upstream transit(s) to
> do the same on their side of the link(s).
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
>           Luck is the residue of opportunity and design.
>
>                        -- John Milton
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140416/b4aa55cc/attachment.html>


More information about the AusNOG mailing list