Another problem with this just being replaced with a package that is not feature-compatible:
Requiring a switch to unicast also necessitates firewall changes across the entire network, if multicast or broadcast was previously in use. Firewalls between the clients and the NTP servers will either require a stateless ACL entry added for UDP/123 bi-directionally, which is undesirable, or perform inspection on udp/123 packets toward the server so they can maintain state entries for those UDP sessions every time a client polls the server. The configuration change is simple, but it's not nothing. Sites with limited available WAN bandwidth (think analog modems, low- speed wireless links, fractional PRI, BRI, satellite with analog modem uplink, etc) can also experience a negative impact from the extra traffic, including more packet loss, higher delay, more clock spread among the systems behind that link, and impact to other traffic that needs to use that link. A single multicast or directed broadcast over those links achieves reasonable clock synchronization with minimal impact and can be QoSed high enough to be unlikely to drop when congested. With bi-directional unicast traffic, keeping that high DSCP means NTP would now have a much larger impact on all other traffic. Reducing it would lead to more queued or dropped NTP packets, unpredictably, for each client. None of these issues are major and all have workarounds or solutions available, either with ntpsec or by switching to a different package. But they are cases impacted by this swap to add to the list of reasons ntp silently being swapped for ntpsec is non-ideal while being aliased as ntp. I'm all for ntpsec being the new default (or chrony or timesyncd), but ntpsec is not ntp and it is a breaking change to treat it like it is. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2039252 Title: [needs-packaging] The packages ntp and ntpsec are not equivalent To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/2039252/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
