der Mouse writes:
> I wrote:
>> I have seen an increase in NTP requests from addresses in the
>> 10.0.0.* net in the past couple of weeks.
>
> These indicate that *someone* isn't doing proper ingress filtering;
> RFC1918-private addresses should not be hitting you from the outside.
>
> Since 10/8 is not globally routed, they have to be coming from your
> side of your upstream default-free zone, which probably means your own
> ISP.
>
> > Is this misconfigured networking on the client's end?
>
> Yes. Also badly misconfigured networking on your ISP's end.

Is it really that way?

I mean, a client forms a request NTP packet, and puts it into a UDP
packet with my IP as the destination and his IP address as where he
wants to get the response back. A metric buttload of routers between
him and me pass this packet on to me. My ntpd sees the request and
replies back to the address he put in the UDP packet.

Is it really the responsibility of the network layer to check the
"from" address and see it's nonsensical? I mean, if I mail a letter
from my house but put a return address of the White House up in the
corner, the post office will probably try to deliver it anyway, and not
reject it simply because it didn't really come from there.

Tim.
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
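
The source-address check that ingress filtering applies, written here as a server-side audit; this is an added example, not part of the original message or of ntpd. It assumes tcpdump-style text lines captured on the upstream-facing interface, and every address and sample line in it is constructed.

```python
import ipaddress
import re
from collections import Counter

# Blocks that are not globally routed: a packet arriving from upstream with
# one of these as its source was not ingress-filtered anywhere on the path.
NETS = [(label, ipaddress.ip_network(cidr)) for label, cidr in (
    ("rfc1918", "10.0.0.0/8"), ("rfc1918", "172.16.0.0/12"),
    ("rfc1918", "192.168.0.0/16"), ("loopback", "127.0.0.0/8"),
    ("link-local", "169.254.0.0/16"))]

# Matches "IP <src>.<sport> > <dst>.123:" in tcpdump-style text output.
NTP_LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.\d+ > \d+\.\d+\.\d+\.\d+\.123:")

def classify(addr):
    """Return the label of the non-routed block containing addr, else None."""
    ip = ipaddress.ip_address(addr)
    for label, net in NETS:
        if ip in net:
            return label
    return None

def unfiltered_sources(lines):
    """Count requests to UDP/123 per (source, label) for non-routed sources."""
    hits = Counter()
    for line in lines:
        m = NTP_LINE.search(line)
        if not m:
            continue
        try:
            label = classify(m.group(1))
        except ValueError:  # damaged line, e.g. an octet above 255
            continue
        if label:
            hits[(m.group(1), label)] += 1
    return hits

# Constructed sample lines (not real traffic), upstream-facing interface.
SAMPLE = [
    "12:00:01.10 IP 10.0.0.17.123 > 192.0.2.10.123: NTPv4, Client, length 48",
    "12:00:01.52 IP 198.51.100.7.40112 > 192.0.2.10.123: NTPv4, Client, length 48",
    "12:00:02.03 IP 10.0.0.17.123 > 192.0.2.10.123: NTPv4, Client, length 48",
    "12:00:03.00 IP 192.0.2.10.123 > 198.51.100.7.40112: NTPv4, Server, length 48",
    "12:00:03.90 IP 172.20.1.5.50000 > 192.0.2.10.123: NTPv4, Client, length 48",
]

if __name__ == "__main__":
    for (src, label), n in unfiltered_sources(SAMPLE).most_common():
        print(f"{src:15} {label:10} {n} request(s)")
```

A hit only shows that no device on the path dropped the packet; the server cannot tell from the packet alone which network it entered from.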
