On Wed, Apr 06, 2016 at 01:20:48PM -0700, Hal Murray wrote:
> [email protected] said:
> > If you don't see the benefits, that's ok. I just thought I should write my
> > suggestions and see if anyone agrees with that.
>
> I think that's an important idea. We need to consider the trade-offs between
> security from hiding the real refid compared to the forensic value of being
> able to figure out what is or was going on.

I agree.

> On the other hand, I don't have a handful of stories where it has been
> helpful so maybe it isn't really important. Is a warm-fuzzy feeling worth
> anything?

I think it could be more than just a warm-fuzzy feeling. I think knowing refids up to stratum 1 could be useful for NTP clients to make better decisions in the source selection and also for administrators when debugging problems.

Harlan referred to mode 6. That's not always available. It's not a part of the current NTPv4 spec (it was optional in the NTPv3 spec) and AFAIK only ntpd implements it. Also, on servers accessible from the Internet it's normally disabled as it allows amplification.

> [email protected] said:
> > I've received reports on loops forming between three peers that were polling
> > one another when they stopped receiving time from their upstream sources. I
> > was able to reproduce that. It's not a critical issue, but I think it would
> > be nice if NTP could prevent that.
>
> Doesn't that case bump the stratum level each time around the loop until it
> falls off the end?

It does. The trouble is that unless the servers have a local reference enabled (e.g. orphan mode), they will stick to stratum 16, 15, ... and will be unusable for clients one, two, ... layers below. As I said, I don't think it's a huge deal, but it would be nice if NTP could prevent that.

-- 
Miroslav Lichvar
