IETF Logo Mail Archive

Re: [Ntp] Antw: [EXT] Re: Public NTP servers already responds to NTPv5

Danny Mayer <mayer@ntp.org> Wed, 02 December 2020 00:07 UTC

Return-Path: <mayer@ntp.org>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF50E3A0B71 for <ntp@ietfa.amsl.com>; Tue, 1 Dec 2020 16:07:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5kka9oXn4qRY for <ntp@ietfa.amsl.com>; Tue, 1 Dec 2020 16:07:05 -0800 (PST)
Received: from chessie.everett.org (chessie.everett.org [66.220.13.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC9593A0B87 for <ntp@ietf.org>; Tue, 1 Dec 2020 16:07:05 -0800 (PST)
Received: from l34097ous.fios-router.home.rpega.com (unknown [131.226.28.48]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by chessie.everett.org (Postfix) with ESMTPSA id 4ClzmS3lBFzMNBv; Wed, 2 Dec 2020 00:07:04 +0000 (UTC)
To: Hal Murray <hmurray@megapathdsl.net>, ntp@ietf.org
References: <20201201214534.AABF440605C@ip-64-139-1-69.sjc.megapath.net>
From: Danny Mayer <mayer@ntp.org>
Message-ID: <6c93ddee-2089-98e8-9099-cb083d083da0@ntp.org>
Date: Tue, 01 Dec 2020 19:06:47 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.5.0
MIME-Version: 1.0
In-Reply-To: <20201201214534.AABF440605C@ip-64-139-1-69.sjc.megapath.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/-7sBiodn8FRv2igLNFF0JaDWriE>
Subject: Re: [Ntp] Antw: [EXT] Re: Public NTP servers already responds to NTPv5
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 00:07:12 -0000

On 12/1/20 4:45 PM, Hal Murray wrote:
> Ulrich.Windl@rz.uni-regensburg.de said:
>> IMHO a v4 server should _never_ answer a packet version it does not know
>> about. I know you cannot change the past, however.
> If a v4 server gets a v5 request, it could respond with a v4 reply.  That's
> the best it can do.  That might simplify the transition.  A client doesn't
> have to know if the server it is going to talk to is v5 or v4.
>
> The first assumption is that the mode and version fields stay in the same
> place so a server can figure out that it is a v5 request.  It also assumes
> that the v4 servers planned ahead for something like that.  For the pool where
> most systems are reasonably well attended it may be possible to retrofit v4
> servers that don't get updated to v5.  Or we could split the pool into v4 and
> v5.
>
> If a v5 client gets a v4 response, it could process it.  That's assuming there
> is enough overlap between v4 and v5 fundamental concepts so that the old
> response has enough data to be useful.
>
> If the v4 packet format is different from v5, the above requires extra code.
> If the packet format is very close, the extra code could be small.  At worst
> it is 2x.  The server side is only a page or two so 2x isn't unreasonable.  I
> think the client side is similar but I haven't looked as carefully
>
> 30% of the traffic to a pool server is v3.
>
That's because the clients making the queries haven't been upgraded in 
decades. That's not surprising because once NTP is set up you don't 
really need to change anything, what I call a set-and-forget 
application. There are routers and switches and all sorts of hardware 
out there which have been running for years and as long as they are 
working they don't get upgraded or replaced.

Noone is going to be bothering to update a NTPv4 client to deal with a 
server returning V5 packets. See above. The only way to support V4 
clients is to make the V5 packet a V4 packet plus extra stuff. It's 
unlikely that anything else would work.

It's essential that any NTPv5 document deal with interoperability with 
NTPv4 clients and servers. NTPv5 will fail without it.

Danny

v2.23.0 | Report a Bug | By Email