Bug#1042813: debian-installer: use ntp-server obtained via dhcp

2023-08-01 Thread Cyril Brulebois 
Hi,

IOhannes m zmölnig  (2023-08-01):
> one thing that has been bothering me for ages is the use of hardcoded
> NTP-servers in the installer.
> 
> Since NTP can obviously easily be abused for DDoS reflection attacks,
> many ISPs block the use of arbitrary NTP-servers, and instead provide an
> internal NTP server, which is typically announced via DHCP (in
> environments that use DHCP for setting up networking).
> 
> Of course my university ids among these "ISPs", which means that for the
> last decade all of my Debian installations that i did on premises
> stalled (for a while) when the installer tries to get the network time
> (for which i think it queries *.debian.pool.ntp.org, but i haven't
> actually checked).

A quick look suggests 0.debian.pool.ntp.org.

> it would be nice if the installer would *prefer* any NTP servers
> announced via DHCP (and use the debian.pool as a fallback).

It appears clock-setup could use netcfg/dhcp_ntp_servers… but netcfg
seems to have stopped setting it when stateless DHCPv6 support was
merged (fac74c749661da41ef4b89b89c9fd76dd42e7bc6). The 1.90 release
is dated 2012 so that'd be consistent with the decade you mentioned.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1042813: debian-installer: use ntp-server obtained via dhcp

2023-08-01 Thread Debian/GNU 
Package: debian-installer
Severity: wishlist

Dear Maintainer,

one thing that has been bothering me for ages is the use of hardcoded
NTP-servers in the installer.

Since NTP can obviously easily be abused for DDoS reflection attacks,
many ISPs block the use of arbitrary NTP-servers, and instead provide an
internal NTP server, which is typically announced via DHCP (in
environments that use DHCP for setting up networking).

Of course my university ids among these "ISPs", which means that for the
last decade all of my Debian installations that i did on premises
stalled (for a while) when the installer tries to get the network time
(for which i think it queries *.debian.pool.ntp.org, but i haven't
actually checked).

it would be nice if the installer would *prefer* any NTP servers announced
via DHCP (and use the debian.pool as a fallback).

the current behaviour is not exactly a show-stopper, as it is easy to
just cancel the time synchronisation (assuming that the hardware
clock is within reasonable range).

nevertheless it is annoying.


otherwise i have been enjoying the installer. thank you very much.


gasdmr
IOhannes