At 8:52 AM -0400 2005-09-13, Anthony DeRobertis wrote:
>> I don't think that trying to build this functionality into ntpd is
>> the way to achieve this goal. The program is bloated enough as it is.
>
> Access control hardly seems like bloat in a server. Though the issue
> with not wanting to hit the disk could be challenging.

Server access control is something that ntpd has never attempted
in the entire history of the project. We have server authentication,
which used cryptographic methods to prove to the clients that the
time claimed actually came from the server claimed, but there is no
access control, nor has there ever been. The closest we get is the
"restrict" lines, and that's not the same thing.
You're talking about a totally different animal here, one that is
unlike anything that has ever been done before with NTP, and has
serious design and even protocol issues that cannot be just waved
away with a motion of your hand.

>> Because the way ntpd works is to lock everything in memory, so that
>> it can guarantee that it never gets paged or swapped out, and that it
>> never, ever has to hit the disk again.
>
> This isn't quite true. ntpd routinely hits the disk to write logging
> information.

That is an optional, and frequently unconfigured feature. In
fact, most people probably don't even know that ntpd can do this.
Moreover, so long as the storage is writable, ntpd doesn't care or
know how it is operated.
That is absolutely nothing whatsoever like making the operation
of the server totally and completely dependent on being able to
access the disk on a query-by-query basis, in order to perform access
control. Most disks have access times measured well into the
milliseconds, and when you add filesystem and database overhead on
top of that, you're probably into the hundreds of milliseconds.
You're talking about building an OLTP database the likes of which
the world has never seen before, and putting that into each and every
NTP server in the world. Yes, big honking Oracle RAS servers may be
able to get more than a few hundred queries per second, but not with
jitter and latency measured to such extremely low levels. To make
this useful for a time server, you'd have to be down into the single
millisecond range, or even into the nanoseconds, for both latency and
jitter.
And no OLTP database in the world has ever attempted that.
--
Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.