[ntp:questions] Public ntp-server and reflection-attacks
Rob
nomail at example.com
Mon Dec 23 17:14:40 UTC 2013
Jure Sah <dustwolfy at gmail.com> wrote:
>
> Hi,
>
> On 23. 12. 2013 15:13, Rob wrote:
>> Jure Sah <dustwolfy at gmail.com> wrote:
>>> Wouldn't noquery or nopeer also prevent your timeserver from
>>> being used by other timeservers? Or at least limit usability?
>>
>> Not really. It limits the possibilities of debugging from remote
>> (e.g. to look what servers you are synced to), but it does not
>> limit the use as a regular time server.
>
> I would just like to understand this...
>
> For noquery I understand, but for "nopeer"? The manual page states:
>> Deny packets that might mobilize an association unless
>> authenticated. This includes broadcast, symmetric-active and
>> manycast server packets when a configured association does not
>> exist. Note that this flag does not apply to packets that do not
>> attempt to mobilize an association.
A peer is a two-way server-server link. Not a client using your
server, but a server that syncs time with you and vice versa.
> Doesn't this always happen when a new ntp server somewhere on the
> internet chooses to use your NTP server as a peer?
You don't want that. NTP servers that are peers should be only
added upon mutual agreement. A normal client of the pool is only
a client of your server, not a peer.
(i.e. they sync time to you, but you don't get time sync from them)
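The restrict flags discussed in this thread, as an added ntp.conf example (not from the original post or the ntp project); host names and the key id are placeholders:

```conf
# Default policy for every remote address: serve time, refuse everything else.
#   nopeer   - do not let unsolicited symmetric-active/broadcast/manycast
#              packets mobilize an association (no uninvited peers)
#   noquery  - refuse mode 6/7 control queries (ntpq/ntpdc, incl. monlist),
#              which removes the amplification vector for reflection attacks
#   nomodify - refuse runtime configuration changes
#   notrap   - refuse the mode 6 trap service
#   kod      - send Kiss-o'-Death to clients that exceed the rate limit
# Ordinary pool clients are unaffected: a client request is not an
# attempt to mobilize an association, so it is still answered.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Full access from the local host (for ntpq -p on the box itself).
restrict 127.0.0.1
restrict ::1

# Upstream sources: we are a client of them, they are not our peers.
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst

# A genuine peer, added by mutual agreement and authenticated with a
# shared symmetric key. The explicit restrict line for the peer's address
# omits nopeer so that its symmetric-active packets are accepted; the
# "key" option ensures the association is only mobilized when authenticated.
peer ntp-peer.example.net key 1          # placeholder host
restrict ntp-peer.example.net nomodify notrap noquery   # placeholder host
keys /etc/ntp/ntp.keys
trustedkey 1
```

With this in place, `ntpq -p` from another machine is refused while plain client requests are still served.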