Unfortunately I need to shut down one of my NTP servers due to that
server getting decommissioned in about 1,5 months. The server was
removed from the pool a few days ago, and out of curiosity, I ran
tcpdump to get an idea of the current traffic. Yes, I know it may take a
very very long time until all the clients have moved on to using other
NTP servers, but that's not the point of this message.
I found out that there are a number of IP addresses that seem to send an
NTP request every 32 seconds or so, which sounds a bit frequent to me.
Upon further investigation it turned out that at least one of those
devices was a LaCie Cloudbox "home cloud storage" box (I don't know
what's particularly 'cloudy' in that, but I digress).
It also turned out that the owner of that particular device had not
bothered setting a password, allowing me to view all their files.. sigh.
I'll inform the device owner of this slight security problem separately.
On the General settings page (as shown on
http://manuals.lacie.com/_detail/products/cb/screenshots/dashboard/gen-settings/cb_gen_settings.png?id=en%3Amanuals%3Acb%3A05_dashboard%3Adashboard03-general-settings
), I saw that the device was configured to use "pool.ntp.org" as the
time source, with no apparent way to change the time source. The only
option was to enable/disable time syncing.
http://www.pool.ntp.org/en/vendors.html specifically disallows using the
default pool.ntp.org zone names as the default configuration. The device
was running firmware 2.6.8.2, There would apparently be a newer version
2.6.8.4, which fix "Bash Shellshock and OpenSSL vulnerabilities" and
"Fix some other issues". I don't know if the "other issues" include time
sync issues.
It may also be noteworthy that when I first accessed that settings page,
the time wasn't even in sync. Clock syncing had been enabled, but the
time shown was incorrect and there was a gray ball next to pool.ntp.org.
When I disabled and re-enabled the time syncing option, time got synced
and the ball turned green. I don't know why it didn't manage to get its
clock synced, despite sending NTP requests every 32 seconds.
Apparently disabling and re-enabling time sync also made it poll much
less frequently, approximately every five minutes or so. I saw this by
running tcpdump on my other server, which is still in the pool.
Just for your information, in case you run into such devices somewhere..
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
