Re: [Ntp] NTPv5 Loop Detection without Stratum - Why do we want this?

[Danny Mayer <mayer@pdmconsulting.net>]

On 9/19/22 3:36 AM, Miroslav Lichvar wrote:
> On Sun, Sep 18, 2022 at 12:07:50PM -0400, Danny Mayer wrote:
>> NTP looks at the selected candidates and chooses what it considers the best
>> at that time. Only one source is the chosen system which as you note is
>> marked as the one with the asterisk (*). You can only find that out with
>> ntpq (mode 6) queries. That becomes the reference ID for any downstream NTP
>> servers. I'm not sure what you are trying to point out.
> The discussion started about synchronization loops and how can they be
> detected and prevented. It's still in the subject.
>
> An NTP client selects multiple sources for synchronization (in ntpq
> marked as * and +). Loops can be happen over the * source and also the
> + sources.
>
> You seem to be focused on the selection of the system peer (*), from
> which is inherited stratum and other things. You are right that there
> is only one system peer, but there are other sources which can form
> synchronization loops.
I have no idea what point you are trying to make. The other potential 
sources would already have been eliminated if a loop was detected.
>>>> That's irrelevant. You are polling a server for time, what you do with it
>>>> depends on the analysis done on the packets.
>>> Right. So can you explain where measurements made in symmetric mode
>>> are handled differently than in client/server mode? A pointer to the
>>> RFC or code is sufficient.
>> The NTP reference implementation does this.
> I'm quite familiar with the "reference implementation", more than I'd
> like actually, but I have not seen what you are suggesting.
>
> Can you please tell us in which file and on what line we can see that
> difference in handling of measurements made in client/server mode and
> symmetric mode?

It's in there. If you don't want to read code you can read some of Dave 
Mills's papers. Here's one document reference and I'm sure that you can 
search for others. His book also talks about it.

https://doc.ntp.org/reflib/onwire/

>>> In symmetric mode each packet is a request and response at the same
>>> time, i.e. the number of messages is halved when compared to two
>>> client/server associations.
>> No. See the source code.
> Which file and line in the source code?
>
>>> As the responses follow the polling interval and are not send
>>> immediately when the request is received, this makes the symmetric
>>> mode susceptible to replay attacks. In client/server mode each request
>>> has its own response, independently from the polling of the other
>>> client/server association.
>> Not true. You misunderstand how symmetric mode works.
> Which part do you think I misunderstood?
>
>> A stratum-1 server that decides that it's reference clock is not reliable,
>> or unavailable, is no longer a stratum-1 server, it's just a downstream
>> server from it's selected server and is a stratum lower than that server.
>> I'm not sure what your question is since it's very basic to NTP.
> There was no question. I said clients of a stratum-1 server with a
> poor reference clock would prefer another server, possibly with a
> higher stratum, i.e. stratum doesn't indicate accuracy. You said it
> would no longer be considered a stratum-1 server. I disagree.

Sorry but the definition of a stratum-1 server is that it gets its 
preferred time from a refclock, whether it's an atomic clock or GPS or 
something else. You don't get to choose the definition on your own. If 
it doesn't get it from there then it needs to add 1 to the stratum 
number of the server it does get it's time from. If you are not doing 
that you have a broken application server.

Danny