Information Technology Center, Fukuoka University, Japan
Sho FUJIMURA
fujimura@fukuoka-u.ac.jp
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION
Fuminori -Tany- Tanizaki
fuminori.tanizaki@west.ntt.co.jp
FUKUOKA UNIVERSITY PUBLIC
NTP SERVICE & BCP38
Today’s Content
1 Introducing Fukuoka University
1 Objectives
2 Fukuoka University NTP Service
2 Traffic Volumes and Causes
3 NTP SERVICE & BCP38
3 Packet Analysis and Observations
4 Conclusions
4 Reference Materials
Fukuoka University introduction
• Private university
  ◦ 86th anniversary in May 2019
  ◦ Connected to the internet in 1993
• Location: Fukuoka City, JAPAN
  ◦ The city where APRICOT2015 was held
• 9 faculties (31 departments)
• 10 graduate courses (33 specialties)
• Approximately 20,000 students
• Attached facilities
  ◦ Hospital: 3
  ◦ High school: 2
  ◦ Junior high school: 1
AS: 18148
Prefix: 133.100.0.0/16, 2405:be00::/32
Today’s Presentation (Objective)
• Proceeding with BCP38 (Best Current Practice 38) measures
Fukuoka University NTP Service and Network Architecture
• Commenced operations Oct 1993
• Japan’s 1st open NTP server
  ◦ 133.100.9.2
  ◦ 133.100.11.8
• NTP server load distributed to 4 servers
• Multihomed internet connection to OCN and SINET
AS18148: Fukuoka University
AS2907: Science Information NETwork (SINET), operated by National Institute of Informatics
AS4713: Open Computer Network (OCN), operated by NTT Communications Corporation
[Figure: campus network diagram. Labels: BGP routers, firewalls, routers (L3 switch), L2 switches for each building, edge switches, AS18148, L2 switches for NTP, NTP servers]
What do these figures mean!?
270Mb/sec
350,000p/sec
[Figure: router traffic graphs. Panels: all traffic (bit/sec), all traffic (packet/sec)]
• Graph showing router traffic and packet numbers
• University traffic is low at night
• Therefore it can be deduced that there is a high proportion of NTP request packets
If this is so...
• “High traffic volumes are a problem. So why not just shut down the NTP Server?”
• “Because if we shut down the NTP server the number of request packets increases!”
Outline of Experiment
• To confirm that request packets increase when the server discards NTP request packets
• Time of experiment: 2018/07/21 - 2018/07/22
• Subject: a specific AS (prefix no. 1361)
• Method
  ◦ Direct NTP Server prefixes to blackhole
  ◦ Deactivate all server blackhole settings
The Experimental Result
• Straight after enabling the black hole, request packets (green) gradually began to increase
• The increase continued for 6 hours, then levelled off
• After disabling the black hole, the traffic immediately decreased
• The range was over 160Mb/s
While investigating various issues in preparation for decommissioning the NTP Server, we discovered another troublesome issue!!
Request packets sent from 1.1.1.1
• On closer inspection, the request packets were sent from 1.1.1.0/24 and 1.0.0.0/24
• Currently we are filtering them at the NTP Server
What is 1.1.1.1?
• It is a public DNS resolution service operated by Cloudflare
• Currently 1.0.0.0/24 and 1.1.1.0/24 are being advertised by AS13335 (Cloudflare)
https://1.1.1.1/ or https://one.one.one.one/
Where is it coming from?
• (Of course) it is not coming from Cloudflare
Packet Analysis
• We collected and analyzed NTP request packets
• Collection period: 2018/11/30 8:26 - 2018/12/6 0:00
• Packets collected: 1,408,390
• Traffic volume: approx. 2.8pps
From what address?
• 1.0.0.0/24
[Figure: chart of source addresses; labels not recoverable. Values: 12.22%, 10.57%, 10.42%, 10.40%, 9.66%, 5.99%, 4.93%, 4.65%, 3.56%, 2.70%]
From what address?
• 1.1.1.0/24
[Figure: chart of source addresses; labels not recoverable. Values: 19.73%, 7.69%, 4.90%, 2.82%, 2.63%, 2.63%, 2.56%, 2.53%, 2.52%, 2.51%]
What source port no.?
• Access from 2168 ports
Sample of NTP packets sent
[Figure: packet capture sample. Annotations: "source port is not 123", "from inside NAT", "The time from when it was plugged in was 7hr 53 min?"]
Sample of NTP packets sent
• It appears that one request is sent every 10 seconds until time synchronization is reached
  ◦ Synchronization not possible as the IPv4 address is incorrect
[Figure: packet capture sample. Labels: source port 1030 packet, source port 1025 packet]
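The tallies on the packet analysis slides (share per claimed source address, number of distinct source ports, requests whose source port is not 123) can be reproduced on the receiving side as sketched here. This is an added example, not code from the original deck; the record format (source IP, source port, UDP payload) and the sample records are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Prefixes the slides name as the claimed source of the stray requests.
WATCHED = [ipaddress.ip_network("1.0.0.0/24"), ipaddress.ip_network("1.1.1.0/24")]
NTP_PORT = 123
MODE_CLIENT = 3      # NTP mode field value for a client request
NTP_MIN_LEN = 48     # fixed NTP header length in bytes


def ntp_mode(payload):
    """Return the NTP mode (low 3 bits of byte 0), or None if truncated."""
    if len(payload) < NTP_MIN_LEN:
        return None
    return payload[0] & 0x07


def make_ntp(mode, version=4):
    """Build a bare 48-byte NTP header (LI=0) for the constructed sample."""
    return bytes([(version << 3) | mode]) + bytes(NTP_MIN_LEN - 1)


def summarize(records):
    """Tally client requests whose claimed source lies in a watched prefix.

    records: iterable of (src_ip, src_port, udp_payload) tuples.
    """
    per_prefix = {str(net): Counter() for net in WATCHED}
    ports = Counter()
    for src, sport, payload in records:
        if ntp_mode(payload) != MODE_CLIENT:
            continue                      # not a client request, or truncated
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            continue                      # unparsable source field
        net = next((n for n in WATCHED if addr in n), None)
        if net is None:
            continue                      # source outside the watched prefixes
        per_prefix[str(net)][src] += 1
        ports[sport] += 1

    # Share of each source address within its own prefix, largest first.
    shares = {}
    for name, counter in per_prefix.items():
        total = sum(counter.values())
        shares[name] = [(ip, round(100.0 * n / total, 2))
                        for ip, n in counter.most_common()]
    matched = sum(ports.values())
    return {
        "matched": matched,
        "shares": shares,
        "distinct_ports": len(ports),
        # The slide reads a source port other than 123 as a client behind NAT.
        "non_123_source_port": matched - ports[NTP_PORT],
    }


# Constructed sample records (not taken from the capture in the slides).
REQ, REPLY = make_ntp(MODE_CLIENT), make_ntp(4)
SAMPLE = [
    ("1.1.1.1", 1025, REQ),
    ("1.1.1.1", 1030, REQ),
    ("1.1.1.1", 123, REQ),
    ("1.1.1.2", 40000, REQ),
    ("1.0.0.1", 1025, REQ),
    ("192.0.2.10", 123, REQ),     # ignored: outside the watched prefixes
    ("1.1.1.1", 1025, REPLY),     # ignored: server mode, not a request
    ("1.0.0.1", 5000, b"short"),  # ignored: truncated payload
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```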
Presumed connection structure and packet flow
[Figure: connection diagram. Labels: Network A, Intranet (with NAT), IPv4 1.1.1.0/24, Router etc., ISP, Router, Fukuoka U NTP Server, Cloudflare 1.1.1.1]
What are these packets?
• 1.1.1.1 is used in Captive Portal in public Wi-Fi, hotel routers, University wireless LAN etc.
  ◦ The setup by the administrator of hotel and cafe free Wi-Fi forces mandatory web access
https://www.k-bit.de/wireless_lan/kb_easy-hotspot-userguide.pdf
Should a filter be created? (BCP38)
• Customer side router: packets with IP source addresses other than those allocated to its own network are discarded
• ISP: packets with IP source addresses other than those allocated to its customers are discarded
• In this case (1.1.1.1) it is extremely difficult to filter
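The two filter points on this slide can be modelled as a source-address check against the allocated prefixes, applied first at the customer side router and then at the ISP. This is an added example, not code from the original deck; the hotspot prefix 203.0.113.0/24 is a hypothetical customer allocation from the documentation range, the flow counts are constructed, and the Fukuoka University prefixes are the ones given on the introduction slide.

```python
import ipaddress
from collections import Counter

# Prefixes from the page: Fukuoka University's own allocation (AS18148).
OWN_PREFIXES = ["133.100.0.0/16", "2405:be00::/32"]
# Hypothetical customer network behind an ISP (documentation range, assumed).
HOTSPOT_PREFIXES = ["203.0.113.0/24"]
# Private IPv4 address blocks (RFC 1918), listed explicitly.
RFC1918 = [ipaddress.ip_network(p)
           for p in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


class SourceFilter:
    """BCP38-style check: permit only sources inside the allocated prefixes."""

    def __init__(self, name, allocated):
        self.name = name
        self.nets = [ipaddress.ip_network(p) for p in allocated]

    def classify(self, src):
        """Return 'allocated', 'private', 'foreign' or 'invalid' for a source."""
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            return "invalid"
        if any(addr.version == n.version and addr in n for n in self.nets):
            return "allocated"
        if addr.version == 4 and any(addr in n for n in RFC1918):
            return "private"
        return "foreign"

    def permits(self, src):
        return self.classify(src) == "allocated"


def trace(src, hops):
    """Walk a packet through the filter points in order.

    hops: list of SourceFilter objects; None means no filter is deployed there.
    """
    for f in hops:
        if f is not None and not f.permits(src):
            return "dropped at " + f.name
    return "delivered"


def audit(flows, flt):
    """Sum packet counts per source class for (src_ip, packets) flow records."""
    totals = Counter()
    for src, packets in flows:
        totals[flt.classify(src)] += packets
    return dict(totals)


CUSTOMER = SourceFilter("customer side router", HOTSPOT_PREFIXES)
ISP = SourceFilter("ISP", HOTSPOT_PREFIXES)
FUKUOKA = SourceFilter("Fukuoka U border", OWN_PREFIXES)

# Constructed flow records leaving the hypothetical hotspot network.
SAMPLE_FLOWS = [
    ("203.0.113.7", 500),   # translated by NAT to an allocated address
    ("203.0.113.99", 400),
    ("1.1.1.1", 50),        # captive-portal address leaking out untranslated
    ("1.0.0.1", 10),
    ("192.168.1.20", 40),   # private address leaking out untranslated
]

if __name__ == "__main__":
    print(trace("1.1.1.1", [CUSTOMER, ISP]))
    print(trace("1.1.1.1", [None, None]))
    print(audit(SAMPLE_FLOWS, CUSTOMER))
```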
The future of Fukuoka-U NTP Service
• We plan to collect all packets directed to the NTP Server, including BGP routed packets sent to the NTP Server, in a designated router and null them
• We plan to analyze the discarded packets with netflow/sflow
Proposed new network architecture
[Figure: proposed network diagram. Labels: AS2907, AS4713, SINET Fukuoka DC, BGP Router #1, BGP Router #2, NTP BGP Router, NTP Server #1,#2, NTP Server #3,#4, 133.100.9.2/24, 133.100.11.0/24, Campus Network, Fukuoka University/AS18148 (133.100.0.0/16)]
Conclusion
• We should establish a filter based on BCP38
  ◦ Let's not send out disguised packets and private address block packets
References
• BCP38
  ◦ http://www.bcp38.info/
  ◦ https://tools.ietf.org/html/bcp38
• Fukuoka University Public NTP Service Deployment Use case (APRICOT 2017)
  ◦ https://2017.apricot.net/program/schedule/#/day/8/apops-1
Thank you for your kind attention

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

TCP/IP and UDP protocols
TCP/IP and UDP protocolsTCP/IP and UDP protocols
TCP/IP and UDP protocols
 
TCP AND UDP
TCP AND UDP TCP AND UDP
TCP AND UDP
 
TCP - Transmission Control Protocol
TCP - Transmission Control ProtocolTCP - Transmission Control Protocol
TCP - Transmission Control Protocol
 
User Datagram protocol For Msc CS
User Datagram protocol For Msc CSUser Datagram protocol For Msc CS
User Datagram protocol For Msc CS
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP
 
Chapter 3 : User Datagram Protocol (UDP)
Chapter 3 : User Datagram Protocol (UDP)Chapter 3 : User Datagram Protocol (UDP)
Chapter 3 : User Datagram Protocol (UDP)
 
Tcp
TcpTcp
Tcp
 
Udp vs-tcp
Udp vs-tcpUdp vs-tcp
Udp vs-tcp
 
TCP Theory
TCP TheoryTCP Theory
TCP Theory
 
Tcp vs udp
Tcp vs udpTcp vs udp
Tcp vs udp
 
Tcp and udp ports
Tcp and udp portsTcp and udp ports
Tcp and udp ports
 
Tcp Udp Notes
Tcp Udp NotesTcp Udp Notes
Tcp Udp Notes
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake
 
TCP vs UDP / Sumiet23
TCP vs UDP / Sumiet23TCP vs UDP / Sumiet23
TCP vs UDP / Sumiet23
 
Ruengsakulrach_ECTI2015
Ruengsakulrach_ECTI2015Ruengsakulrach_ECTI2015
Ruengsakulrach_ECTI2015
 
Multimedia networks
Multimedia networksMultimedia networks
Multimedia networks
 
Introduction to TCP
Introduction to TCPIntroduction to TCP
Introduction to TCP
 
User datagram protocol
User datagram protocolUser datagram protocol
User datagram protocol
 
Transport Protocols
Transport ProtocolsTransport Protocols
Transport Protocols
 
An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)
 

Ähnlich wie Fukuoka University Public NTP Service and BCP38

Fukuoka University Public NTP Service Deployment Use case
Fukuoka University Public NTP Service Deployment Use caseFukuoka University Public NTP Service Deployment Use case
Fukuoka University Public NTP Service Deployment Use caseAPNIC
 
IPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportIPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportAPNIC
 
IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013APNIC
 
Measuring quality of Internet links in NRENs
Measuring quality of Internet links in NRENsMeasuring quality of Internet links in NRENs
Measuring quality of Internet links in NRENsAFRINIC
 
Networkshop45 day one plenary session
Networkshop45 day one plenary sessionNetworkshop45 day one plenary session
Networkshop45 day one plenary sessionJisc
 
In-Service Monitoring of PTP Performance
In-Service Monitoring of PTP PerformanceIn-Service Monitoring of PTP Performance
In-Service Monitoring of PTP PerformanceADVA
 
Tech 2 Tech welcome
Tech 2 Tech welcomeTech 2 Tech welcome
Tech 2 Tech welcomeJisc
 
SAND: A Fault-Tolerant Streaming Architecture for Network Traffic Analytics
SAND: A Fault-Tolerant Streaming Architecture for Network Traffic AnalyticsSAND: A Fault-Tolerant Streaming Architecture for Network Traffic Analytics
SAND: A Fault-Tolerant Streaming Architecture for Network Traffic AnalyticsQin Liu
 
VNIX-NOG 2023: IPv6 Deployment in government networks
VNIX-NOG 2023: IPv6 Deployment in government networksVNIX-NOG 2023: IPv6 Deployment in government networks
VNIX-NOG 2023: IPv6 Deployment in government networksAPNIC
 
First Contact: Can Switching to RINA save the Internet?
First Contact: Can Switching to RINA save the Internet?First Contact: Can Switching to RINA save the Internet?
First Contact: Can Switching to RINA save the Internet?ARCFIRE ICT
 
Methods for Improving NTP
Methods for Improving NTPMethods for Improving NTP
Methods for Improving NTPADVA
 
Rustam Pirmagomedov
Rustam PirmagomedovRustam Pirmagomedov
Rustam PirmagomedovAlexMinov
 
Where are we now: IPv6 deployment update - Brunei National IPv6 Day Conference
Where are we now: IPv6 deployment update - Brunei National IPv6 Day ConferenceWhere are we now: IPv6 deployment update - Brunei National IPv6 Day Conference
Where are we now: IPv6 deployment update - Brunei National IPv6 Day ConferenceAPNIC
 
Dccp evaluation for sip signaling ict4 m
Dccp evaluation for sip signaling   ict4 m Dccp evaluation for sip signaling   ict4 m
Dccp evaluation for sip signaling ict4 m Agus Awaludin
 
Improving NTP Installed Base Time Accuracy
Improving NTP Installed Base Time AccuracyImproving NTP Installed Base Time Accuracy
Improving NTP Installed Base Time AccuracyADVA
 
A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...
A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...
A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...Tal Lavian Ph.D.
 
SANOG 22 - APNIC Updates
SANOG 22 - APNIC UpdatesSANOG 22 - APNIC Updates
SANOG 22 - APNIC UpdatesAPNIC
 

Ähnlich wie Fukuoka University Public NTP Service and BCP38 (20)

Fukuoka University Public NTP Service Deployment Use case
Fukuoka University Public NTP Service Deployment Use caseFukuoka University Public NTP Service Deployment Use case
Fukuoka University Public NTP Service Deployment Use case
 
IPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportIPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF Report
 
IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013
 
Measuring quality of Internet links in NRENs
Measuring quality of Internet links in NRENsMeasuring quality of Internet links in NRENs
Measuring quality of Internet links in NRENs
 
Networkshop45 day one plenary session
Networkshop45 day one plenary sessionNetworkshop45 day one plenary session
Networkshop45 day one plenary session
 
User Datagram Protocol
User Datagram ProtocolUser Datagram Protocol
User Datagram Protocol
 
In-Service Monitoring of PTP Performance
In-Service Monitoring of PTP PerformanceIn-Service Monitoring of PTP Performance
In-Service Monitoring of PTP Performance
 
Tech 2 Tech welcome
Tech 2 Tech welcomeTech 2 Tech welcome
Tech 2 Tech welcome
 
Transport layer
Transport layerTransport layer
Transport layer
 
GÉANT TURN pilot
GÉANT TURN pilotGÉANT TURN pilot
GÉANT TURN pilot
 
SAND: A Fault-Tolerant Streaming Architecture for Network Traffic Analytics
SAND: A Fault-Tolerant Streaming Architecture for Network Traffic AnalyticsSAND: A Fault-Tolerant Streaming Architecture for Network Traffic Analytics
SAND: A Fault-Tolerant Streaming Architecture for Network Traffic Analytics
 
VNIX-NOG 2023: IPv6 Deployment in government networks
VNIX-NOG 2023: IPv6 Deployment in government networksVNIX-NOG 2023: IPv6 Deployment in government networks
VNIX-NOG 2023: IPv6 Deployment in government networks
 
First Contact: Can Switching to RINA save the Internet?
First Contact: Can Switching to RINA save the Internet?First Contact: Can Switching to RINA save the Internet?
First Contact: Can Switching to RINA save the Internet?
 
Methods for Improving NTP
Methods for Improving NTPMethods for Improving NTP
Methods for Improving NTP
 
Rustam Pirmagomedov
Rustam PirmagomedovRustam Pirmagomedov
Rustam Pirmagomedov
 
Where are we now: IPv6 deployment update - Brunei National IPv6 Day Conference
Where are we now: IPv6 deployment update - Brunei National IPv6 Day ConferenceWhere are we now: IPv6 deployment update - Brunei National IPv6 Day Conference
Where are we now: IPv6 deployment update - Brunei National IPv6 Day Conference
 
Dccp evaluation for sip signaling ict4 m
Dccp evaluation for sip signaling   ict4 m Dccp evaluation for sip signaling   ict4 m
Dccp evaluation for sip signaling ict4 m
 
Improving NTP Installed Base Time Accuracy
Improving NTP Installed Base Time AccuracyImproving NTP Installed Base Time Accuracy
Improving NTP Installed Base Time Accuracy
 
A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...
A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...
A Platform for Large-Scale Grid Data Service on Dynamic High-Performance Netw...
 
SANOG 22 - APNIC Updates
SANOG 22 - APNIC UpdatesSANOG 22 - APNIC Updates
SANOG 22 - APNIC Updates
 

Mehr von APNIC

APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 

Mehr von APNIC (20)

APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 

Kürzlich hochgeladen

Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasDigicorns Technologies
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsMonica Sydney
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdfMatthew Sinclair
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理F
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsMonica Sydney
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsMonica Sydney
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...gajnagarg
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查ydyuyu
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查ydyuyu
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Roommeghakumariji156
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...meghakumariji156
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Balliameghakumariji156
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制pxcywzqs
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni  9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni  9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...kumargunjan9515
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查ydyuyu
 

Kürzlich hochgeladen (20)

call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 

Fukuoka University Public NTP Service and BCP38

  • 1. FUKUOKA UNIVERSITY PUBLIC NTP SERVICE & BCP38
      ▪ Sho FUJIMURA, Information Technology Center, Fukuoka University, Japan (fujimura@fukuoka-u.ac.jp)
      ▪ Fuminori -Tany- Tanizaki, NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (fuminori.tanizaki@west.ntt.co.jp)
  • 2. Today’s Content
      ▪ Introducing Fukuoka University
      ▪ Objectives
      ▪ Fukuoka University NTP Service
      ▪ Traffic Volumes and Causes
      ▪ NTP SERVICE & BCP38
      ▪ Packet Analysis and Observations
      ▪ Conclusions
      ▪ Reference Materials
  • 3. Fukuoka University introduction
      ▪ Private university
          ◦ 86th anniversary in May 2019
          ◦ Connected to internet in 1993
      ▪ Location: Fukuoka City, JAPAN
          ◦ The city where we had APRICOT2015
      ▪ 9 faculties (31 departments)
      ▪ 10 graduate courses (33 specialties)
      ▪ Approximately 20,000 students
      ▪ Attached facilities
          ◦ Hospital: 3
          ◦ High school: 2
          ◦ Junior high school: 1
      ▪ AS: 18148
      ▪ Prefix: 133.100.0.0/16, 2405:be00::/32
  • 4. Today’s Presentation (Objective)
      ▪ Proceeding with BCP38 (Best Current Practice 38) measures
  • 5. Fukuoka University NTP Service and Network Architecture
      ▪ Commenced Operations Oct 1993
      ▪ Japan’s 1st open NTP Server
          ◦ 133.100.9.2
          ◦ 133.100.11.8
      ▪ NTP Server load distributed to 4 servers
      ▪ Multihomed internet connection to OCN and SINET
      ▪ AS18148: Fukuoka University
      ▪ AS2907: Science Information NETwork (SINET), operated by National Institute of Informatics
      ▪ AS4713: Open Computer Network (OCN), operated by NTT Communications Corporation
      [Network diagram labels: Campus Network (AS18148); BGP routers; firewalls; routers (L3 switches); L2 switch in each building; edge switches; L2 switches for NTP; NTP Servers]
  • 6. What do these figures mean!?
      ▪ 270Mb/sec
      ▪ 350,000p/sec
  • 7. [Graphs: all traffic (bit/sec); all traffic (packet/sec)]
      ▪ Graph showing router traffic and packet numbers
      ▪ Low traffic at the University at night
      ▪ Therefore it can be deduced that there is a high proportion of NTP request packets
  • 8. If this is so...
      ▪ “High traffic volumes are a problem. So why not just shut down the NTP Server?”
      ▪ “Because if we shut down the NTP server the number of request packets increases!”
  • 9. Outline of Experiment
      ▪ To confirm that request packets increase when the server disposes of NTP request packets
      ▪ Time of experiment: 2018/07/21 - 2018/07/22
      ▪ Subject: A specific AS (prefix no. 1361)
      ▪ Method
          ◦ Direct NTP Server prefixes to blackhole
          ◦ Deactivate all server blackhole settings
  • 10. The Experimental Result
      ▪ Straight after enabling the black hole, request packets (green) gradually began to increase
      ▪ The increase continued for 6 hours, then levelled off
      ▪ After disabling the black hole, the traffic immediately decreased
      ▪ The range was over 160Mb/s
  • 11. While investigating various issues in preparation for decommissioning the NTP Server, we discovered another troublesome issue!!
  • 12. Request packets sent from 1.1.1.1
      ▪ On closer inspection, the request packets were sent from 1.1.1.0/24 and 1.0.0.0/24
      ▪ Currently we are filtering them at the NTP Server
  • 13. What is 1.1.1.1?
      ▪ It is a public DNS Resolution Service operated by Cloudflare
      ▪ Currently 1.0.0.0/24 and 1.1.1.0/24 are being advertised by AS13335 (Cloudflare)
      ▪ https://1.1.1.1/ or https://one.one.one.one/
  • 14. Where is it coming from?
      ▪ (Of course) it is not coming from Cloudflare
  • 15. Packet Analysis
      ▪ We collected and analyzed NTP request packets
      ▪ Collection period: 2018/11/30 8:26 - 2018/12/6 0:00
      ▪ Packets collected: 1,408,390
      ▪ Traffic volume: approx. 2.8pps
  • 16. From what address?
      ▪ 1.0.0.0/24
      [Chart values: 12.22%, 10.57%, 10.42%, 10.40%, 9.66%, 5.99%, 4.93%, 4.65%, 3.56%, 2.70%]
  • 17. From what address?
      ▪ 1.1.1.0/24
      [Chart values: 19.73%, 7.69%, 4.90%, 2.82%, 2.63%, 2.63%, 2.56%, 2.53%, 2.52%, 2.51%]
  • 18. What source port no.?
      ▪ Access from 2168 ports
  • 19. Sample of NTP packets sent
      ▪ Source port is not 123: from inside NAT
      ▪ The time from when it was plugged in was 7hr 53 min?
  • 20. Sample of NTP packets sent
      ▪ It appears that one request is sent every 10 seconds until time synchronization is reached
          ◦ Synchronization not possible as IPv4 is incorrect
      [Capture labels: source port 1030 packet; source port 1025 packet]
  • 21. Presumed connection structure and packet flow
      [Diagram labels: ISP; Router etc.; Intranet (With NAT), IPv4 1.1.1.0/24; Router; NTP Server; Fukuoka U; Network A; cloudflare 1.1.1.1]
  • 22. What are these packets?
      ▪ 1.1.1.1 is used in Captive Portal in public Wi-Fi, hotel routers, University wireless LAN etc.
          ◦ The setup by the administrator of hotel and cafe free Wi-Fi forces mandatory web access
      ▪ https://www.k-bit.de/wireless_lan/kb_easy-hotspot-userguide.pdf
  • 23. Should a filter be created? (BCP38)
      [Diagram labels: ISP; Customer side router]
      ▪ Packets with IP source addresses other than those allocated to the own network are discarded
      ▪ Packets with IP source addresses other than those allocated to the network's customers are discarded
      ▪ In this case (1.1.1.1) it is extremely difficult to filter
  • 24. The future of Fukuoka-U NTP Service
      ▪ We plan to collect all packets directed to the NTP Server, including BGP-routed packets sent to the NTP Server, in a designated router and null them
      ▪ We plan to analyze the discarded packets with netflow/sflow
  • 25. Proposed new network architecture
      [Diagram labels: AS2907; AS4713; Fukuoka University/AS18148 (133.100.0.0/16); Campus Network; NTP Server #1,#2; NTP Server #3,#4; AS18148; 133.100.9.2/24; 133.100.11.0/24; NTP BGP Router; BGP Router #1; BGP Router #2; SINET; Fukuoka DC]
  • 26. Conclusion
      ▪ We should establish a filter based on BCP38
          ◦ Let's not send out disguised (spoofed-source) packets and private address block packets
  • 27. References
      ▪ BCP38
          ◦ http://www.bcp38.info/
          ◦ https://tools.ietf.org/html/bcp38
      ▪ Fukuoka University Public NTP Service Deployment Use case (APRICOT 2017)
          ◦ https://2017.apricot.net/program/schedule/#/day/8/apops-1
  • 28. Thank you for your kind attention
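
The breakdown reported on slides 15 to 19 (requests per source address inside 1.0.0.0/24 and 1.1.1.0/24, and the spread of source ports) can be reproduced from a capture with a short script. This is an added example, not code from the presentation; the records in `SAMPLE` are constructed and the function name `summarize` is hypothetical.

```python
import ipaddress
from collections import Counter

# Prefixes named on slide 12.
WATCHED = [ipaddress.ip_network("1.0.0.0/24"), ipaddress.ip_network("1.1.1.0/24")]
NTP_PORT = 123

# Constructed sample of (source IP, source UDP port) pairs, one per NTP request.
# These are not values from the slides; 192.0.2.0/24 is a documentation prefix.
SAMPLE = [
    ("1.1.1.1", 1025), ("1.1.1.1", 1030), ("1.1.1.1", 1025),
    ("1.1.1.2", 40211), ("1.0.0.1", 123), ("1.0.0.1", 1030),
    ("1.0.0.7", 5353), ("192.0.2.10", 123), ("192.0.2.11", 51000),
]

def summarize(records, watched=WATCHED):
    """Per watched prefix: request count, per-source share and source-port spread."""
    stats = {net: {"sources": Counter(), "ports": Counter()} for net in watched}
    for src, sport in records:
        addr = ipaddress.ip_address(src)
        for net in watched:
            if addr in net:
                stats[net]["sources"][src] += 1
                stats[net]["ports"][sport] += 1
                break
    report = {}
    for net, data in stats.items():
        total = sum(data["sources"].values())
        report[str(net)] = {
            "requests": total,
            # Share of each source inside the prefix (the breakdown of slides 16-17).
            "share_pct": {ip: round(100 * n / total, 2)
                          for ip, n in data["sources"].most_common()},
            # Number of distinct source ports (the figure reported on slide 18).
            "distinct_ports": len(data["ports"]),
            # Requests whose source port is not 123 (the observation on slide 19).
            "non_123": sum(n for port, n in data["ports"].items() if port != NTP_PORT),
        }
    return report

if __name__ == "__main__":
    for prefix, result in summarize(SAMPLE).items():
        print(prefix, result)
```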
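
The source-address check that slides 23 and 26 ask networks to apply, written out as an added example rather than configuration from the presentation. "Network A" with 198.51.100.0/24 (a documentation prefix) is a hypothetical site, the packet sources are constructed, and the last function is this example's own illustration of why a generic non-global-source check on the receiving side does not single out 1.1.1.1.

```python
import ipaddress

class SourceFilter:
    """BCP38-style check: forward a packet only if its source address lies in
    a prefix allocated to the network it is coming from."""

    def __init__(self, allocated):
        self.allocated = [ipaddress.ip_network(p) for p in allocated]

    def permits(self, src):
        addr = ipaddress.ip_address(src)
        # An IPv6 address is never "in" an IPv4 network, so mixed lists are safe.
        return any(addr in net for net in self.allocated)

    def split(self, sources):
        """Return (forwarded, discarded) for a batch of source addresses."""
        forwarded = [s for s in sources if self.permits(s)]
        discarded = [s for s in sources if not self.permits(s)]
        return forwarded, discarded

def receiver_sees_bogon(src):
    """Receiving-side view from the address alone: private and other
    non-global sources stand out, a globally routed address does not."""
    return not ipaddress.ip_address(src).is_global

# Hypothetical "Network A" edge router (assumption: the site holds 198.51.100.0/24).
NETWORK_A = SourceFilter(["198.51.100.0/24"])
# Fukuoka University's own prefixes, as listed on slide 3.
FUKUOKA_U = SourceFilter(["133.100.0.0/16", "2405:be00::/32"])

# Constructed sources of packets leaving Network A: one translated by NAT,
# two leaking an internal 1.x address, two leaking private addresses.
LEAVING_A = ["198.51.100.20", "1.1.1.1", "1.0.0.1", "10.0.0.5", "192.168.1.10"]

if __name__ == "__main__":
    forwarded, discarded = NETWORK_A.split(LEAVING_A)
    print("forwarded:", forwarded)
    print("discarded:", discarded)
    for src in ("1.1.1.1", "10.0.0.5"):
        print(src, "flagged at receiver:", receiver_sees_bogon(src))
```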