RE: Filter NTP traffic by packet size?

If only there was more focus on the BCP38 offenders who are the real root
cause of this problem, I would be more happy.

I would be more impressed if the IXes would start to use their sFlow
capabilities to find out what IX ports the NTP queries are coming to
backtrace the traffic to the BCP38 offendors than try to block the NTP
packets resulting from these src address forged queries.