[6bone] IPv6 NTP testing

John Hay jhay@icomtek.csir.co.za
Thu, 21 Aug 2003 06:07:28 +0200


On Wed, Aug 20, 2003 at 06:24:41PM -0500, Frederick Bruckman wrote:
> On Wed, 20 Aug 2003, Pim van Pelt wrote:
> 
> > On Wed, Aug 20, 2003 at 10:28:59AM -0400, Kimmo Suominen wrote:
> > | Let's see if I understood this correctly way back...
> > |
> > | ntpd needs to send responses back using the same IP address that it
> > | received the original request on.  To track the addresses, it uses
> > | separate file descriptors.
> > I understand this, thanks for the explanation. It sounds like a good
> > approach, but I do not really want ntpd to bind (and service requests)
> > from just any IP address. Looking at my list:
> 
> > | | AND on the UDP unspecified address in both protocol families:
> > | | udp6       0      0  *.123                  *.*
> > | | udp4       0      0  *.123                  *.*
> > What good do these do if we already listen to specific IPs ?
> 
> I believe that's to catch IP addresses that were configured after the
> daemon was started. There are obvious problems with the entire plan.
> Consider the case of symmetric peers, where neither node is responding
> to a packet from the other, but rather, both try to time it to send
> packets at roughly the send time.
> 
> > What I'd like is some syntax on the command prompt to force binding of
> > IPs, such as ntpd -B [2001:7b8:3:2c::123] -B 213.136.12.53, making
> > the daemon keep its hands off of IPs it should not be touching.
> 
> You're not the first person to ask for this on a newsgroup or public
> list. HOWEVER, there doesn't seem to be a single request for it in the
> list of open bugs on bugzilla.ntp.org (hint).
> 
> By the way, there is an "-L" option not to listen to virtual IP's, but
> it's a hack that only works on Linux, as the distinction doesn't even
> make sense on other OS's. It's not as if you'd necessarily want the
> "real" IP, whatever that means, to handle the ntpd traffic anyhow.
> For what it's worth, I do like the idea of a "-B" option, but I would
> also like an "interface" keyword.

Guys, if you are really serious about this feature, get the latest
ntp-dev code from bitkeeper, implement it and send it as a patch to
bugzilla.ntp.org. :-) Really. I don't think any of us are against
the idea, it is just the people working on ntp are mostly volunteers
with other targets on their agendas. Oh, and test it for the different
kinds of ntp setups, especially autokey because that is one of the
reasons that ntpd needs to know the addresses.

John
-- 
John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org
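
The per-address socket scheme discussed in this thread, as an added example (not ntpd code and not from any poster): one UDP socket per explicitly listed address and no wildcard socket, so replies leave from the address the request arrived on and unlisted addresses get no service. The function names are hypothetical, an ephemeral port stands in for 123, and it assumes a Linux loopback interface where every 127.0.0.0/8 address is local.

```python
import select
import socket


def open_listeners(bind_addrs, port=0):
    """Open one UDP socket per configured address; no wildcard socket."""
    listeners = {}
    for addr in bind_addrs:
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        s.bind((addr, port))
        port = s.getsockname()[1]  # reuse the first ephemeral port for the rest
        listeners[addr] = s
    return listeners, port


def serve_once(listeners, timeout=0.5):
    """Echo each pending request back on the socket it arrived on."""
    ready, _, _ = select.select(list(listeners.values()), [], [], timeout)
    for s in ready:
        data, peer = s.recvfrom(512)
        s.sendto(data, peer)  # reply source = the address this socket is bound to


def probe(listeners, port, dst, timeout=0.5):
    """Send a constructed request to dst; return the reply's source IP or None."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        c.settimeout(timeout)
        c.sendto(b"constructed request", (dst, port))
        serve_once(listeners, timeout)
        try:
            _, src = c.recvfrom(512)
        except OSError:  # timeout or ICMP error: nothing is listening on dst
            return None
        return src[0]


if __name__ == "__main__":
    listeners, port = open_listeners(["127.0.0.1", "127.0.0.2"])
    for dst in ("127.0.0.1", "127.0.0.2", "127.0.0.3"):
        print(dst, "->", probe(listeners, port, dst))
```

A wildcard socket added to the same set would answer the 127.0.0.3 probe as well, which is the behaviour the proposed "-B" list is meant to switch off.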