Harlan Stenn wrote:
> Miroslav Lichvar writes:
>> On Thu, Nov 06, 2014 at 06:08:32AM -0500, Jared Mauch wrote:
>>> One thing I will highlight here is we have ips in both v4 and v6
>>> pools that are anycast and there may not be a good way for something
>>> to realize 4 ips may just be 2 hosts with the same reference.
>> So the problem is that a client could be unknowingly using the same
>> server twice, which would effectively give it two votes in the source
>> selection? Can this happen with addresses from one DNS reply or only
>> over time when some sources are replaced?
> We probably want to take another look at what a "refid" means as far as
> loop detection goes.


I don't expect loops to be a problem.  I would consider it very irresponsible to set up
an anycast NTP server network without a hardwired reference (a local reference clock
and/or explicitly configured servers that are under administrative control of the same
person or company that sets up the anycast service).
I don't think that anyone would set up an anycast server that uses "pool pool.ntp.org"
as a reference.  If any of these are found, they should be blocked from the pool.
(It is very unfortunate that the DDoS incident has led to most NTP servers being
closed to monitoring commands.)

Rob
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
