On Fri, Sep 04, 2020 at 11:17:40PM +0200, Christian Weisgerber wrote:
> Otto Moerbeek:
>
> > This takes the observed issue into account,
> -snip-
>
> This works for my test case of a single peer and the two scenarios of
> "can't send query" and "port unreachable".
>
> I notice that both cases are handled very differently:
> * Can't send query: ntpd keeps retrying with a fast poll interval
> of 60 seconds.
> * Port unreachable: ntpd retries with a maximally slow poll interval
> of 3000+ seconds.
>
> This may make sense, I don't know, but the rationale isn't obvious.
Also note that I'm onlyreducing the trust level on one of the erorrs
conditions. An invalid packet is just ignored. This is to avoid to
possibility that somebody can easily spoof pakcets to ntpd and make it go
into unsynced more with all peers untrusted.
About the behaviour: is one of the confusing parts of ntpd. Not all
transitions of the state engine are clear and the timeouts used are
hard to follow sometimes.
-Otto
>
> --
> Christian "naddy" Weisgerber [email protected]
