Ive talked to some major peering exchanges and they refuse to take any action. Possibly if the requests come from many peering participants it will be taken more seriously?
> On Feb 22, 2014, at 19:23, "Peter Phaal" <peter.ph...@gmail.com> wrote: > > Brocade demonstrated how peering exchanges can selectively filter > large NTP reflection flows using the sFlow monitoring and hybrid port > OpenFlow capabilities of their MLXe switches at last week's Network > Field Day event. > > http://blog.sflow.com/2014/02/nfd7-real-time-sdn-and-nfv-analytics_1986.html > >> On Sat, Feb 22, 2014 at 4:43 PM, Chris Laffin <claf...@peer1.com> wrote: >> Has anyone talked about policing ntp everywhere. Normal traffic levels are >> extremely low but the ddos traffic is very high. It would be really cool if >> peering exchanges could police ntp on their connected members. >> >>> On Feb 22, 2014, at 8:05, "Paul Ferguson" <fergdawgs...@mykolab.com> wrote: >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA256 >>> >>>>> On 2/22/2014 7:06 AM, Nick Hilliard wrote: >>>>> >>>>> On 22/02/2014 09:07, Cb B wrote: >>>>> Summary IETF response: The problem i described is already solved >>>>> by bcp38, nothing to see here, carry on with UDP >>>> >>>> udp is here to stay. Denying this is no more useful than trying to >>>> push the tide back with a teaspoon. >>> >>> Yes, udp is here to stay, and I quote Randy Bush on this, "I encourage >>> my competitors to block udp." :-p >>> >>> - - ferg >>> >>> >>> - -- >>> Paul Ferguson >>> VP Threat Intelligence, IID >>> PGP Public Key ID: 0x54DC85B2 >>> >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v2.0.22 (MingW32) >>> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ >>> >>> iF4EAREIAAYFAlMIynoACgkQKJasdVTchbJsqQD/ZVz5vYaIAEv/z2kbU6kEM+KS >>> OQx2XcSkU7r02wNDytoBANVkgZQalF40vhQED+6KyKv7xL1VfxQg1W8T4drh+6/M >>> =FTxg >>> -----END PGP SIGNATURE----- >>
