Re: [time-nuts] Anyone still running a Soekris net45XX for NTP?

2017-05-26 Thread Harlan Stenn 
Mine are running FreeBSD-11.
-- 
Harlan Stenn <st...@ntp.org>
http://networktimefoundation.org - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Network Time Foundation

2017-05-13 Thread Harlan Stenn 
You're almost funny, Gary.

H
--
"Gary E. Miller" writes:
> Yo Azelio!
> 
> On Sat, 13 May 2017 16:10:03 +0200
> Azelio Boriani  wrote:
> 
> > Is the Network Time foundation the only one to have the NTP source
> > code? Is the Meinberg code (for example) a different one?
> 
> There is a fork of NTP Classic, called NTPsec.  It is being more activly
> worked on than NTP Classic and has many new features like ntpmon and
> ntpviz.  It is readily available over git:
> 
> https://www.ntpsec.org/
> https://github.com/ntpsec/ntpsec
> 
> 
> RGDS
> GARY
> -=
> --
> Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
>   g...@rellim.com  Tel:+1 541 382 8588
> 
>   Veritas liberabit vos. -- Quid est veritas?
> "If you can=E2=80=99t measure it, you can=E2=80=99t improve it." - Lo=
> rd Kelvin
> ___
> time-nuts mailing list -- time-nuts@febo.com
> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-=
> nuts
> and follow the instructions there.
> 
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] When NTP goes wrong...

2015-10-25 Thread Harlan Stenn 
Neil Schroeder writes:
> I would like to respond in a generic and sweeping way - having not read in
> the detail Bob layed out for us required to fully analyze the situation -
> to the notion that circuit level access or prior topological knowledge is
> required to exploit this or any other spoofing attack.  On a corporation or
> education network, I could generate such malformed packets with almost no
> effort as long as i had my Mac or a similarly not-windows device, or access
> to one.  I estimate it'd take less than 5 minutes for me to do for the
> majority of targets - which means any motivated party could within an hour
> or two. I'm not warranting I would succeed - hopefully there would be a
> real firewall SOMEWHERE in the path from the open internet to a real
> physical host.

I invite you to take 5-15 minutes' time and find out.  I won't ask you
to (and I hope you don't) publish too much information on what you find
out, because that initial hurdle is "big enough" to keep the majority of
miscreants at bay.  However, give a tool to a script-kiddie...

But please do take a bit of time and try to implement this attack.

Once you are there, I'd appreciate any suggestions hou might have
regarding mitigation.
-- 
Harlan Stenn <st...@ntp.org>
http://networktimefoundation.org - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Time in a cave

2015-05-13 Thread Harlan Stenn 
Tucek, Joseph writes:

 I do need time sync intra-cluster to be tight (sub millisecond, 100
 nano as a stretch goal).  UTC sync can comparatively be terrible; 10-1
 ms is fine, and I can live with bad NTP, 100 ms if I must.  From
 specs, */really/* good quartz is my limit and /good/ quartz is
 acceptable, so long as it doesn't mess with the intra-node PTP
 tightness.  I'm mostly looking at TCXO options. OCXO isn't out of the
 question, but rubidium doesn't seem to give $/value.

If you want intra-cluster at sub-millisecond, NTP is possible, and that
should be trivial with PTP.

I've been attending the ISPCS plugfests for the past few years' time and
I've been making sure that we can take time from upstream NTP or PTP,
and distribute that time via NTP or PTP.

 Yes, the master will have a fairly low phase noise local oscillator
 as it's internal reference. Everything will synch to that.  If all
 you are doing is syncing the local cluster you don't even care about
 time outside. This is true for most industrial applications that are
 just syncing machinery.
 
 Thanks for the info.  PTP isn't as well understood/documented as NTP,
 so I've not been as certain about my decisions. Of course, that is
 fair for a relatively new standard.

Network Time Foundation includes the NTP Project, Ntimed (and PHK
plans to at least look at PTP support sometime), and 2 PTP projects -
PTPd, which is designed to be portable and generally useful, and Linux
PTP, which is designed to be optimized for the latest Linux kernels.

 Currently, I think my two best options are: 1) CDMA enabled PTP
 appliance (set and forget), or 2) PTP appliance running as stratum 2
 from good NTP.

Either should be fine.

I saw you can't run an antenna wire from where you'll be, but perhaps a
lan cable?  That might go to either a GPS device or to a small NTP or
PTP device.

NTF is working to improve the products under its umbrella all the time,
and we're seriously resource-constrained.  OK, we're disturbingly
resource-constrained.  While the PTPd folks seem to have enough
developer resources and Richard Cochran has not complained about the
developer resources for Linux PTP, none of the projects have adequate
documentation writers.

Guess what I think would be a Swell Idea?
-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Time in a cave

2015-05-13 Thread Harlan Stenn 
Paul writes:
 On Tue, May 12, 2015 at 7:00 PM, Tucek, Joseph joseph.tu...@hp.com wrote:
 
  I'm looking for information on non-GPS time sources.
 
  For background, I need to provide PTP
 
 
 I believe this was recently discussed on ntp:questions.  People often
 forget dial-up (ACTS) which is supported by the PTP capable Microsemi
 SyncServer 3NN models which also have OCXO/TCXO/Rb hold-over options.

One problem is that while ACTS used to be a very good way to keep time,
now that modems no longer have constant processing time and phone lines
are no longer end-to-end copper and the signal likely goes thru a number
of domain changes (Audio/Digital, Frame Relay, ATM, ...), I'm told
that ACTS is nowhere near as good as it used to be.

H
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

[time-nuts] Please help Network Time Foundation...

2014-12-10 Thread Harlan Stenn 
With the permission of TVB and JRA, here's the short version.

Network Time Foundation is now old enough (3 years) to qualify to be
listed with the Combined Federal Campaign, and we'd love to be listed
there.  As I understand it, there's another qualification hurdle - we
need to have at least $100,000 in revenue to qualify.  In the first 11
months of our 3rd and best year so far, we've raised over $93,000.  Two
days ago I mentioned our goal on the questi...@ntp.org list and since
then we've received 6 donations and 3 joins, for nearly $1,000 more.

Please help NTF deliver on its mission to improve Network Time!

(And as probably all of you know, $100,000 doesn't go very far at all -
we need to raise much more than that to start hiring developers,
sysadmins, research folks, Q/A folks, documentation folks, Standards
wranglers, and many others.  But before we can get there, we need to
just keep raising more money than we've raised before...)

Visit http://nwtime.org and Join a Consortium or make a Donation - any
amount helps!  If time is important to your company, please see about
having them join a consortium, too!

The blog post about the above is:

 http://nwtime.org/help-ntf-join-combined-federal-campaign/

Thanks...
-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org  - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] future NTP programs...

2014-11-10 Thread Harlan Stenn 
Poul-Henning Kamp writes:
 
 In message 0AA8645271A94DF3968C90FE6BF94276@Alta, David J Taylor writes:
 
 - that there is (eventually) a Windows implementation.
 
 I'm writing the code to be as portable as I can make it, but I have
 neither Windows machines nor clue how to program for their kernel-time-api.

We should talk about it - there are some options and opportunities
there.

H
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] future NTP programs...

2014-11-10 Thread Harlan Stenn 
Poul-Henning Kamp writes:
 
 In message 546152ac.8090...@rubidium.dyndns.org, Magnus Danielson writes:
 
 Monitoring as such is an important task, and some of the NTP clients 
 might be servers in other contexts, and then it makes sense to monitor 
 that they got their NTP time into shape.
 
 For which there has existed a system call for 20 years now:
 
  ntp_gettime() has as argument a struct ntptimeval * with the following
  members:
 
  struct ntptimeval {
  struct timeval time;/* current time (ro) */
  long maxerror;  /* maximum error (us) (ro) */
  long esterror;  /* estimated error (us) (ro) */
  };
 
  These have the following meaning:
  time   Current time (read-only).
  maxerror   Maximum error in microseconds (read-only).
  esterror   Estimated error in microseconds (read-only).

And those fields have value, and they are not enough.  The aim of
NTF's General Timestamp API is to have a timestamp with enough values
in it.
-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Opinions on OpenNTPD

2014-06-30 Thread Harlan Stenn 
The last time I looked openntp was really an SNTP implementation.

If you are running it on a leaf node it might be fine for you.
-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] NIST time services

2014-03-24 Thread Harlan Stenn 
Poul-Henning Kamp writes:
 In message CABbxVHuQc0144==21mDa_R8ErKov=em+9rvrbpggexnzztj...@mail.gmail.co
 m
 , Chris Albertson writes:
 
 Yes.  NTP calls it root distance [...]
 
 And it is generally useless, because people don't calibrate it.

http://bugs.ntp.org/show_bug.cgi?id=2587

Because I've forgotten to open a ticket on this too often for too long.

H
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] NIST time services

2014-03-24 Thread Harlan Stenn 
Poul-Henning Kamp writes:
 In message e1wsboi-000dny...@stenn.ntp.org, Harlan Stenn writes:
Poul-Henning Kamp writes:
 In message 
 CABbxVHuQc0144==21mDa_R8ErKov=em+9rvrbpggexnzztj...@mail.gmail.com
 , Chris Albertson writes:
 
 Yes.  NTP calls it root distance [...]
 
 And it is generally useless, because people don't calibrate it.

 http://bugs.ntp.org/show_bug.cgi?id=2587

 Because I've forgotten to open a ticket on this too often for too long.
 
 I'm actually not certain that it helps, even if you document it.
 
 It's sort of an administrative distance and it unfairly penalizes
 any GNSS in favour of terrestial if you calibrate it according to the
 original intent...

I'm game to come up with a better plan.  Original intent is good, and
follow-on improvements are even better.

H
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] NTP as vector for DDOS attacks?

2014-01-10 Thread Harlan Stenn 
This amplification attack vector is really easy to stop.  The procedure
is documented in the CERT advisory, which was released with almost no
forewarning to me or my team.  While we knew about it and drafted the
mitigation information and tweaked other portions of the announcement,
we were expecting a bit more time to prepare information for the NTP and
NTF websites.

If there are vulnerable systems out there that cannot be configured to
behave well, then the vendors of those systems will receive a wakeup
call and get a fair amount of bad press.

A silver lining is that this situation may induce folks to donate to
NTF, join NTF's NTP Consortium, and/or become inaugural members of NTF's
Certification and Compliance Program, which will make sure that default
configurations don't have these or similar problems.

It's great to talk about all of these things.

I submit it's even better for people and institutions who care about
network time to financially support Network Time Foundation.

-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org  - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] ***SPAM*** Serial cables with thin connectors

2013-12-06 Thread Harlan Stenn 
Can you find D2700s?  It's been a while, but I thought the D2700s were
better enough than the D2500s.

Having said that, I also sometimes still use D525s, and pull the 2nd
serial header out on a PCI slot header:

 http://www.supermicro.com/products/motherboard/ATOM/ICH9/X7SPA-HF-D525.cfm

but I really like IPMI.  These can be had for much less without IPMI.

I'm also sometimes using S1260 Atoms:

 http://www.supermicro.com/products/motherboard/ATOM/X9/X9SBAA-F.cfm

but these motherboards have very few USB ports.

One of these days I'll get one of these that have an audio port and play
with IRIG and stuff...

H




-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org  - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Typical NTP performance? Monitoring multiple NTP servers?

2013-07-26 Thread Harlan Stenn 
Anders,

It's possible to discipline the local clock with PTP and have NTP serve
that time to other hosts if that's what you want to do.

It's easy to have a single local NTP instance track multiple remote NTP
instances.  Preferred, even.

I routinely see LAN machines running NTP that track time to 1ms or
better using just the network - no PPS.

Others here will likely have better information for you.

-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org  - be a member!
___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Very challenging phase noise measurement, does anyone have an idea??

2012-12-06 Thread Harlan Stenn 
Karen,

I still have maybe another half an hour of work to do.

If I can wake up to be on the call I will.  I'd say there might be a 50%
chance I'll make it...

-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org  - be a member!

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Time security musing - attacking the clock itself

2012-12-03 Thread Harlan Stenn 
What is the 'thing' being secured?

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Leap second coming...

2012-06-29 Thread Harlan Stenn 
GPS units use the GPS timescale, not UTC.

See http://leapsecond.com/java/gpsclock.htm

But that's planes, etc.  The ground-control radar folks use UTC as I
recall, and they have dealt with leap seconds enough to know what to
expect.

-- 
Harlan Stenn st...@ntp.org
http://networktimefoundation.org  - be a member!

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] MIT RADIATION LABORATORY SERIES 1940-1945 (28 VOLS) on eBay

2011-07-12 Thread Harlan Stenn 
Bill Hawkins wrote:
 What does this have to do with time, you ask? Why, only that
 the passage of time alters men's passions.

Yeah, I've had dates like that.

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] NTP IRIG config help

2011-03-07 Thread Harlan Stenn 
Have you seen:

 http://support.ntp.org/bin/view/Support/ConfiguringIrigRefclocks

Feel free to nose around on other ConfiguringRefclocks pages, and add
questions or improve the content.

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] My Garmin 18x, Ver 3.50, currently 1 second slow to UTC

2010-12-30 Thread Harlan Stenn 
 So, what is the final consensus as to which is the best firmware
 version to use for NTP purposes?

I don't know, but I trust y'all know about:

 http://support.ntp.org/bin/view/Support/ConfiguringGarminRefclocks

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Maintaining boatanchors

2010-11-10 Thread Harlan Stenn 
I hear that qemu will run OS-9, and there are also 6809 emulators out
there. http://en.wikipedia.org/wiki/OS_9 has more information.

But I suspect y'all already know this.

H


___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] GPS USB dongle for time server

2010-11-08 Thread Harlan Stenn 
Using USB serial introduces amusing amounts of jitter.  This is usually
not a problem for the NMEA sentences, but I wouldn't want to be
detecting the PPS signal via USB1 or USB2 serial devices.

I've heard that USB3 should be much better.  I haven't touched any of
these yet.

-- 
Harlan Stenn st...@ntp.org
http://ntpforum.isc.org  - be a member!

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Does GPS time reception work everywhere all of the time?

2010-08-31 Thread Harlan Stenn 
You wrote:
 Let me just add a bit of caution here:  The NTP software gets confused
 if it has too many servers to select from.
 
 I would _never_ advice configuring more than 5 ntp servers for any
 machine, unless some of them deliberately are made unavailable and
 only used for monitoring/sanity-check.

Sounds like a bug to me.

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Does GPS time reception work everywhere all of the time?

2010-08-31 Thread Harlan Stenn 
You wrote:
 In message 201008310920.o7v9kzui025...@stenn.ntp.org, Harlan Stenn writes:
 You wrote:
 
  I would _never_ advice configuring more than 5 ntp servers for any
  machine, unless some of them deliberately are made unavailable and
  only used for monitoring/sanity-check.
 
 Sounds like a bug to me.
 
 It is.
 
 The problem is that if multiple servers with roughly identical
 performance survive the culling, the clock selection codes
 commitment-anxiety makes i switch partner far too often.
 
 If you allow the automatic poll-rate tweaker into the game, instead
 of sensibly clamping maxpoll, it gets even more interesting.

Has this been brought to DLM's attention?

And I assume this is not a problem with your code because you code is
designed for S1 use as opposed to higher-stratum systems that are in a
better position to have multiple servers, right?

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] PCI IRIG receiver card for AIX?

2009-05-27 Thread Harlan Stenn 
 Does anybody know of any PCI cards that will receive IRIG-B time 
 signals and come with an I/O driver for AIX (IBM's flavor of UNIX)? 
 Industrial-grade commercial products are preferred.

In the past I have, on one occasion, been able to use a regular audio
card for this, and I used the IRIG_AUDIO refclock with ntpd for this.

I don't know if that is what you have in mind but it should be an
option.

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Leap second glitches on NTP using Z3801A

2008-11-16 Thread Harlan Stenn 
Scott wrote:
 Yes, I noticed this as well and modified the refclock driver to filter
 it as it does in the oncore refclock.
 
   Scott

If you submitted this patch to the NTP Project I didn't see it.

If you didn't submit it, I invite you to do so.

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Leap second glitches on NTP using Z3801A

2008-11-16 Thread Harlan Stenn 
OK, so thanks for posting this, and I sitll invite you to submit a patch
via http://bug.ntp.org .

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

[time-nuts] TrueTime A-468MS

2008-06-27 Thread Harlan Stenn 
An apparently no-longer used Truetime A-468MS antenna just came down
from the roof.

What might it be good for?

I have found: http://www.leapsecond.com/museum/468-dc/theory.htm

-- 
Harlan Stenn [EMAIL PROTECTED]
http://ntpforum.isc.org  - be a member!

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Thunderbolt meets ntpd

2008-06-23 Thread Harlan Stenn 
I think Fer is still an active maintainer on the tbolt work he did...

-- 
Harlan Stenn [EMAIL PROTECTED]
http://ntpforum.isc.org  - be a member!

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

Re: [time-nuts] Thunderbolt meets ntpd

2008-06-23 Thread Harlan Stenn 
Folks,

Just in case anybody isn't aware of the following pages, I thought
I'd mention it and invite folks to put whatever information they think
would be useful there:

 http://support.ntp.org/bin/view/Support/ConfiguringRefclocks
 http://support.ntp.org/bin/view/Support/RefclockUsers

I'm happy to help folks get more information there.

H

___
time-nuts mailing list -- time-nuts@febo.com
To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.