[ntpwg] [dhcwg] NTP option: IP address and/or FQDN
Danny Mayer
mayer at ntp.org
Thu Dec 13 05:06:25 UTC 2007
Alain Durand wrote:
>
>
> On 12/9/07 10:16 AM, "Richard Gayraud (rgayraud)" <rgayraud at cisco.com>
> wrote:
>
>> => But more importantly, this does not give any guaranty that a vendor
>> will not ship a small home router with a DHCP server inside, with an
> embedded NTP server address => worst case.
>
> Excuse me if I'm just adding fuel to the fire, but I still fail to see the
> difference between a vendor shipping a home router with a DHCP server that
> has an NTP option embedding a hard-coded IP address and the same vendor
> shipping a similar product with a hard-coded FQDN...
>
> - Alain.
A DHCP server sending out a fixed address will likely cause an
amplification attack since every DHCP client will then query that same
IP address. A FQDN can result in different addresses being used by each
client since each client can get a different IP address as an answer if
the authoritative DNS is configured to return multiple A and/or AAAA
records. The owner can also change the address from time to time and
just update the DNS with new information. Changing the address to
127.0.0.1 and ::1 will result in it sending queries to itself with a
terrific reduction in IP traffic.
Danny
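
The load difference described in the message above, as an added example that is not part of the original post: a small simulation comparing a DHCP NTP option carrying a hard-coded IP address with one carrying an FQDN whose authoritative DNS rotates several A records, before and after the owner edits the zone. The name `ntp.example.net`, the RFC 5737 addresses, the client count and the toy DNS class are all constructed assumptions, and resolver caching is ignored.

```python
import ipaddress
from collections import Counter

# Constructed sample data: RFC 5737 documentation addresses and a hypothetical name.
FIXED_ADDR = "192.0.2.10"
NTP_NAME = "ntp.example.net"

class AuthoritativeDNS:
    """Toy authoritative server that rotates its A-record set per answer."""
    def __init__(self, zone):
        self.zone = {name: list(addrs) for name, addrs in zone.items()}
        self.answered = 0

    def resolve(self, name):
        addrs = self.zone[name]
        k = self.answered % len(addrs)
        self.answered += 1
        return addrs[k:] + addrs[:k]

def is_ip_literal(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def ntp_load(clients, option, dns):
    """Queries per NTP server address when every client uses the DHCP option."""
    load = Counter()
    for _ in range(clients):
        # Assumption: no resolver caching; each client takes the first record.
        target = option if is_ip_literal(option) else dns.resolve(option)[0]
        load[target] += 1
    return dict(load)

def compare(clients=900):
    dns = AuthoritativeDNS({NTP_NAME: ["192.0.2.10", "192.0.2.11", "192.0.2.12"]})
    before = {"ip": ntp_load(clients, FIXED_ADDR, dns),
              "fqdn": ntp_load(clients, NTP_NAME, dns)}
    # The owner retires 192.0.2.10 by editing the zone only.
    dns.zone[NTP_NAME] = ["192.0.2.11", "192.0.2.12"]
    after = {"ip": ntp_load(clients, FIXED_ADDR, dns),
             "fqdn": ntp_load(clients, NTP_NAME, dns)}
    return before, after

if __name__ == "__main__":
    for label, result in zip(("before", "after"), compare()):
        print(label, result)
```

Clients given the IP literal keep sending every query to the retired address after the zone change, while clients given the name follow the new records.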