Harlan Stenn wrote: >>>> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Danny Mayer) writes: > > P> As you might have seen elsewhere I do agree that this is only a good > P> idea under well defined circumstances, and I would now add that it is > P> difficult to ascertain up-front whether these conditions are met (i.e. > P> whether it would be desirable for a particular NTP server on a dynamic IP > P> address to be admitted to the pool). > > Danny> There are *no* circumstances where this is a good idea. You *cannot* > Danny> make use of a server that is constantly moving IP address. Even fixed > Danny> IP addresses can be problematic in this environment since the clients > Danny> don't requery for addresses after they come up and if someone decides > Danny> to move the server elsewhere, they will never know about it. > > Danny, while you are right that one cannot expect to get useful NTP service > from a moving IP address you are flat out wrong that all DHCP-assigned > addresses fall in to this category. >
To clarify one thing, an IP address that is fixed for a given server is fixed even if it's assigned by DHCP. How it gets assigned is a detail. Whether or not that server keeps the same address is crucial. > I think you have tunnel-vision in this case, and are being blind to some > cases where obvious/known counter-examples exist. I don't think so. Please provide counter-examples. > > P> Please remember that I started this suggestion in the context of a > P> discussion of code being added to ntpd that re-resolves server addresses > P> in case of non-reachability. Such code, _if deployed on a critical mass > P> of clients_ (i.e. optimistically, not for a good few years) would address > P> your concern (while not completely removing it). > > Danny> We are not the only provider of NTP Clients or for that matter > Danny> servers and unless they also make changes to also do this and have > Danny> everyone upgrade the problem will remain. For most people/admins this > Danny> is a set and forget item when they set up a system. > > Danny, from my POV you didn't even address Per's point, and his point seems > perfectly valid to me. Which point would that be? Having NTP servers with varying addresses is a good idea? Even when the above mentioned code change happens, and that will take quite a lot of work and will cause me to make a lot of changes to the code and even longer to get it just right, it still won't deal with the issues I've raised including the fact that there are a lot of other NTP clients out there. We already have cases of people hardcoding IP addresses of NTP servers without unauthorization of the owner of the NTP server. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
