Florian Obser <[email protected]> wrote: > On Wed, Jul 29, 2020 at 03:51:17PM +0200, Sebastian Benoit wrote: > > If i remember correctly, the fallout was caused by EDNS but i might be > > wrong. The unbound commit caused a developer some headscratching, because > > his upstream internet did not work with such packets, which led to immediate > > backout of the change, because a default config that does not work is not > > good. > > It was time. Running DNSSEC validation on a system without an RTC is > not a good idea. NTP could not fix this because it depends on working > DNS. This has since been addressed by Otto.
Addressed as well as possible, but perfection is not achievable. ntpd (which is run by default) tries aggressively to repair the clock at boot. Later on, it is not so aggressive at correcting the clock. For real computers, this is of no concern, it will work fine. But on machines without a battery RTC, if internet operation is weak at boot, but becomes better later on, there is still a window of time (before ntpd slowly corrects the clock) where time is incoherent and weird stuff can happen. So my recommendation is to buy real computers. And garbage can misbehave like garbage will.
