netsec-sig - Re: [Security-WG] I2 - Turning off NTP?

Subject: Internet2 Network Security SIG

Re: [Security-WG] I2 - Turning off NTP?


  • From: John Kristoff <>
  • To: gcbrowni <>
  • Subject: Re: [Security-WG] I2 - Turning off NTP?
  • Date: Tue, 25 Jul 2017 11:07:20 -0500

On Tue, 25 Jul 2017 13:59:47 +0000 gcbrowni <> wrote:

> I wonder if anyone would be interested in engaging in a thought
> experiment with me on turning off NTP on the routers?

Might the question be more general, such as "what would the effect of
not having a synchronized clock on a router be?" Or do you care
specifically about NTP?

> 2) You lose the ability to easily correlate messages between routers
> if their clocks don't match. I suspect this is mostly a non-issue
> since most(?) are sending logs to something like Splunk which can
> stamp the time for correlation purposes?

Won't some log collectors also keep the time stamp from the local
system? So the inconvenience may be more widespread.

If you want to do RPKI, having an accurate notion is going to be
desirable.

You might also want good clocks for NetFlow/IPFIX collectors if you
export flows.

> Anyone have thoughts or observations on this?

It seems unlikely to cause any serious operational issues on most
networks, but I'm not convinced removing it is better than keeping it.
I think the inconvenience is going to add up quickly for most "serious"
operators.

> is NTP still relevant on routers and/or does it justify the risk of
> running it?

Perhaps enumerate the risks as well. Depending on the router for
example, a default, accessible NTP service:

* may unwittingly become a reflector/amplifier
* may enable an information leak
* may present a CPU/packet DoS condition
* may expose an unauthenticated path into the system

John
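The correlation problem discussed above (router-local timestamps versus the collector's own receipt stamp), as an added example that is not part of this thread: it estimates each router's clock offset from the collector's receipt times and re-aligns the events so they can be grouped across routers. Hostnames, message text and timestamps are constructed; the router stamps are assumed to be in UTC and the collector is assumed to record receipt time in UTC next to each raw line.

```python
import re
from datetime import datetime, timedelta, timezone
from statistics import median

# Constructed sample: (collector receipt time, raw syslog line). The leading timestamp in
# each line comes from the router's local clock. rtr-a is in sync with the collector;
# rtr-b's clock runs 7m50s slow (constructed values, not real router output).
COLLECTED = [
    ("2017-07-25T16:00:00Z", "Jul 25 16:00:00 rtr-a bgp: neighbor 192.0.2.1 down"),
    ("2017-07-25T16:00:01Z", "Jul 25 15:52:11 rtr-b bgp: neighbor 192.0.2.2 down"),
    ("2017-07-25T16:00:30Z", "Jul 25 16:00:30 rtr-a ifmgr: Ethernet1/1 link down"),
    ("2017-07-25T16:00:31Z", "Jul 25 15:52:41 rtr-b ifmgr: Ethernet1/1 link down"),
    ("2017-07-25T16:05:00Z", "Jul 25 16:05:00 rtr-a bgp: neighbor 192.0.2.1 up"),
]
LINE_RE = re.compile(r"^(\w{3}) +(\d+) (\d\d:\d\d:\d\d) (\S+) (.*)$")

def parse(received_iso, raw):
    """Return (received, router_local, host, msg). The syslog stamp carries no year or
    zone, so the year is taken from the receipt time and the stamp is read as UTC."""
    received = datetime.strptime(received_iso, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    mon, day, hms, host, msg = LINE_RE.match(raw).groups()
    local = datetime.strptime(f"{received.year} {mon} {day} {hms}", "%Y %b %d %H:%M:%S")
    return received, local.replace(tzinfo=timezone.utc), host, msg

def clock_offsets(records):
    """Per-host median of (receipt time - router stamp): a robust estimate of each
    router's clock error, assuming transit delay is small compared to the skew."""
    deltas = {}
    for received, local, host, _ in records:
        deltas.setdefault(host, []).append((received - local).total_seconds())
    return {h: timedelta(seconds=median(v)) for h, v in deltas.items()}

def correlate(collected, window=5):
    """Shift each router's stamps by its estimated offset, then group events from any
    host that fall within `window` seconds of the previous event."""
    records = [parse(r, raw) for r, raw in collected]
    offsets = clock_offsets(records)
    events = sorted((local + offsets[host], host, msg) for _, local, host, msg in records)
    groups, current = [], [events[0]]
    for ev in events[1:]:
        if (ev[0] - current[-1][0]).total_seconds() <= window:
            current.append(ev)
        else:
            groups.append(current)
            current = [ev]
    groups.append(current)
    return offsets, groups

if __name__ == "__main__":
    offsets, groups = correlate(COLLECTED)
    for host, off in offsets.items():
        print(f"{host}: estimated clock offset {off}")
    for g in groups:
        print([f"{ts:%H:%M:%S} {host} {msg}" for ts, host, msg in g])
```

Without the offset correction the two "neighbor down" events would sit almost eight minutes apart in a merged log; with a collector that only keeps the router's stamp, the same skew shows up directly in the correlation.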
