On 3/25/2016 5:10 PM, Hal Murray wrote:
[email protected] said:
I'm not sure if it's intentional, but recent versions of ntpd now
update the clock with the first (authenticated) sample. Older versions
and other implementations may require more.
I think Danny Mayer told me that was a bug. But I don't know.
ntpd 4.2.6 needs several samples.
It's a bug.
Consider what happens if the first response is from a falseticker. You also
get a bogus answer if one side of the request/response encounters long
network delays.
I wonder if it might not make sense to use the first authenticated
sample to validate the previous unauthenticated samples. If the offset
from the first authenticated sample is not within some threshold of the
previous samples then the older ones are thrown out. But if they are
within the threshold they are accepted.
--
Oracle <http://www.oracle.com>
Brian Utterback | Principal Software Engineer
Phone: +1 6038973049 <tel:+1%206038973049>
Oracle Systems/RPE Solaris Network
1 Oracle Dr. | Nashua, NH 03062
------------------------------------------------------------------------
All working systems eventually show their own agendas.
------------------------------------------------------------------------
Green Oracle <http://www.oracle.com/commitment> Oracle is committed to
developing practices and products that help protect the environment
_______________________________________________
TICTOC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tictoc
