[dhcwg] Re: [ntpwg] Network Time Protocol (NTP) Options for DHCPv6
"TS Glassey" <tglassey@earthlink.net> Wed, 14 November 2007 13:11 UTC
Return-path: <dhcwg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IsI1e-0003Fe-Bf; Wed, 14 Nov 2007 08:11:26 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IrHui-0003VD-7R for dhcwg@ietf.org; Sun, 11 Nov 2007 13:52:08 -0500
Received: from elasmtp-kukur.atl.sa.earthlink.net ([209.86.89.65]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IrHuh-0004Zc-Jw for dhcwg@ietf.org; Sun, 11 Nov 2007 13:52:08 -0500
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=Wj230CZAnkuMxBjjkJjtb6ifReLnu9KSO0RWWE4/oqxxVguK4Tc6fsuMU/m5Plof; h=Received:Message-ID:From:To:Cc:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP;
Received: from [24.23.176.93] (helo=tsg1) by elasmtp-kukur.atl.sa.earthlink.net with asmtp (Exim 4.34) id 1IrHug-0005rw-L9; Sun, 11 Nov 2007 13:52:06 -0500
Message-ID: <005a01c82494$17d194f0$6401a8c0@tsg1>
From: TS Glassey <tglassey@earthlink.net>
To: "David L. Mills" <mills@udel.edu>
References: <A05118C6DF9320488C77F3D5459B17B7062ED3C6@xmb-ams-333.emea.cisco.com><4733482A.7020302@sun.com><A05118C6DF9320488C77F3D5459B17B70634E4E5@xmb-ams-333.emea.cisco.com><4735A243.6090905@sun.com> <47368636.3070007@udel.edu><4736F7A7.2090707@sun.com> <473736A7.5000801@udel.edu>
Date: Sun, 11 Nov 2007 10:52:59 -0800
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138
X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79d8fb97eb214c03c0c1687fd845a8690b350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 24.23.176.93
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b132cb3ed2d4be2017585bf6859e1ede
X-Mailman-Approved-At: Wed, 14 Nov 2007 08:11:04 -0500
Cc: ntpwg@lists.ntp.org, dhcwg@ietf.org
Subject: [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) Options for DHCPv6
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: dhcwg.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Errors-To: dhcwg-bounces@ietf.org
Dave I can understand the ISC's goal in using DHCP but how does this work for the users? DHCP also has problems with being constrained to the same subnet unless provisions are made for its propagation... maning that without special provisions for propagating DHCP across a local subnet this may not be of any use at all. Especially since today its VERY rare to find anyone who wants to route DHCP through their network, so maybe the IETF's new NEA protocol could be a solution for this??? Todd ----- Original Message ----- From: "David L. Mills" <mills@udel.edu> Cc: <ntpwg@lists.ntp.org>; <dhcwg@ietf.org> Sent: Sunday, November 11, 2007 9:06 AM Subject: Re: [ntpwg] Network Time Protocol (NTP) Options for DHCPv6 > Brian, > > My model about the keys is that the DHCP server would supply a key ID > for the NTP server(s) as configured, but not the keys themselves. The > keys would have to be configured for the NTP server and client > separately. The DHCP server would be responsible only for the opaque key > ID. > > There is an issue about the security of the DFCP server itself; that is > another issue. I'm assuming the DHCP server is behind the firewall. > > The mode specification could be any of the valid NTP modes. If client > (3) it would be an ordinary client/server association. A means would be > necessary to specify broadcast client, as that is not a mode in the > strict sense. It could be symmetric active (1), in which case the victim > would initiate that type association. To specify symmetric passive (2) > means that the victim should wait for a symmetric active (1) packet. > This does not seem useful. > > Dave > > Brian Utterback wrote: > >> David L. Mills wrote: >> >>> >>> 1. Listen for broadcast/multicast on <address> and do/do not execute >>> a volley. I like the delay field to enable/disable that and have >>> added it to ntpd. In principle, the delay can be determined from the >>> DHCP packets themselves, a feature that might be added. >>> >> Right, I am fine with having the delay given and novolley specified. >> You can't determine the delay from the DHCP >> packets because the DHCP server is likely not the NTP server. The DHCP >> server may be multiple hops away. >> >>> 2. Troll the pool at one of the pool DNS names, us.pool.ntp.org, etc. >>> The client should be smart enough to use/not use iburst and preempt >>> flags. >> >> >> This argues for having another possible field/format, where a string >> for lookup is given. >> >>> >>> 3. Specify a list of <addresses> to send to, each together with the >>> mode and minpoll. I don't think maxpoll is useful either. >> >> >> What other mode than active client do you envision? >> >>> >>> 4. Specify a manycast server group address, ttl limit and beacon >>> interval. >> >> >> Okay. >> >>> >>> In the broadcast/multicast, pool and manycast schemes, we need the >>> optional tos floor and tos ceiling and tos cohort commands as well. >>> All schemes may need the key ID or Autokey flag. >> >> >> Interesting. I agree that a key needs to be specified somehow, but it >> is not clear >> to me how to do it. We have to assume that the client does not have >> the same NTP >> keys. However, we would like a way to specify a server and keys >> securely, so that >> the security of the network depends only on the security of DHCP. >> Again I am not >> up to date, *is* there a secure DHCP? If so, then how to get keys to >> the clients >> becomes an issue. >> >> >>> >>> All this makes me nervous. A possible alternative is simply to send a >>> configuration file like the ntpq program can now. However, this of >>> course is implemention specific. It might be useful to provide the >>> name of a local configuration file only. The most important thing is >>> to make it flexible for use by current ntpd and possibly others. >>> >> It seems (as you said) that a general purpose configuration mechanism >> is needed. One that >> is implementation neutral. We have talked in the past about config >> over LDAP and HTTP. >> Maybe we need to revist that. It would not have to be built into ntpd, >> though, it could easily >> live as a separate process. >> >> Brian >> >>> >> > > _______________________________________________ > ntpwg mailing list > ntpwg@lists.ntp.org > https://lists.ntp.org/mailman/listinfo/ntpwg _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] Network Time Protocol (NTP) Options for D… Benoit Lourdelet (blourdel)
- [dhcwg] RE: [ntpwg] Network Time Protocol (NTP) O… Benoit Lourdelet (blourdel)
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Bud Millwood
- [dhcwg] Re: [ntpwg] Digital Evidence Standards an… Shane Kerr
- [dhcwg] RE: [ntpwg] Network Time Protocol (NTP) O… Mark Elliot
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Harlan Stenn
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Brian Utterback
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Brian Utterback
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… David L. Mills
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Brian Utterback
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… David L. Mills
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… TS Glassey
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Brian Utterback
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… David L. Mills
- [dhcwg] Digital Evidence Standards and a statemen… TS Glassey
- [dhcwg] Re: [ntpwg] Digital Evidence Standards an… TS Glassey
- [dhcwg] Re: Digital Evidence Standards and a stat… David L. Mills
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ted Lemon
- [dhcwg] Re: [ntpwg] Network Time Protocol (NTP) O… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ralph Droms
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David L. Mills
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ted Lemon
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Brian Utterback
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Brian Utterback
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ted Lemon
- RE: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Benoit Lourdelet (blourdel)
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ralph Droms
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Harlan Stenn
- RE: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Benoit Lourdelet (blourdel)
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Mark Stapp
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David W. Hankins
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David W. Hankins
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Mark Andrews
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Mark Andrews
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Mark Andrews
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Bud Millwood
- RE: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Benoit Lourdelet (blourdel)
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… M. Warner Losh
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- RE: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Benoit Lourdelet (blourdel)
- RE: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… anthony.flavin
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David W. Hankins
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Mark Stapp
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… TS Glassey
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brian Utterback
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… David W. Hankins
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Mark Stapp
- Re: [dhcwg] Re: [ntpwg] Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David L. Mills
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brad Knowles
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Danny Mayer
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Hal Murray
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brad Knowles
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brad Knowles
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- RE: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… anthony.flavin
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… David W. Hankins
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Josh Littlefield
- RE: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Brzozowski, John
- Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Ted Lemon
- Re: [dhcwg] Network Time Protocol (NTP) Options f… Bud Millwood
- Re: [dhcwg] Network Time Protocol (NTP) Options f… Mark Stapp
- Re: [dhcwg] Network Time Protocol (NTP) Options f… Ted Lemon
- RE: [ntpwg] [dhcwg] Re: Network Time Protocol (NT… Woundy, Richard
- Re: [dhcwg] Network Time Protocol (NTP) Options f… Danny Mayer
- RE: [ntpwg] [dhcwg] Network Time Protocol (NTP) O… Richard Gayraud (rgayraud)
- Re: [ntpwg] [dhcwg] Network Time Protocol (NTP) O… Brian Utterback
- Re: [ntpwg] [dhcwg] Network Time Protocol (NTP) O… Brad Knowles
- RE: [ntpwg] [dhcwg] Network Time Protocol (NTP) O… anthony.flavin
- Re: [ntpwg] [dhcwg] Network Time Protocol (NTP) O… Danny Mayer