Re: [Ntp] NTS Pools

"Windl, Ulrich" <> Thu, 29 February 2024 07:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 10E9DC15107A for <>; Wed, 28 Feb 2024 23:16:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4Ii4Wrbqmfjl for <>; Wed, 28 Feb 2024 23:16:43 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7CEDEC151078 for <>; Wed, 28 Feb 2024 23:16:40 -0800 (PST)
X-CSE-ConnectionGUID: ihB5ZgS0TCOk9QFC+4wbog==
X-CSE-MsgGUID: qbT+3WPaQ8alT3ioCJRkrw==
X-ThreatScanner-Verdict: Negative
X-IronPort-AV: E=McAfee;i="6600,9927,10998"; a="664230"
X-IronPort-AV: E=Sophos;i="6.06,192,1705359600"; d="scan'208";a="664230"
Received: from unknown (HELO ukr-excmb02.ukr.local) ([]) by dmz-infcsg02.ukr.dmz with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Feb 2024 08:16:37 +0100
Received: from ukr-excmb03.ukr.local ( by ukr-excmb02.ukr.local ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Thu, 29 Feb 2024 08:16:36 +0100
Received: from ukr-excmb03.ukr.local ([fe80::1cb4:6e0c:6da4:a8a0]) by ukr-excmb03.ukr.local ([fe80::1cb4:6e0c:6da4:a8a0%4]) with mapi id 15.01.2507.035; Thu, 29 Feb 2024 08:16:36 +0100
From: "Windl, Ulrich" <>
To: Miroslav Lichvar <>, "" <>
CC: David Venhoek <>, NTP WG <>, "" <>, "" <>, Rainer Bermbach <>
Thread-Topic: [Ntp] NTS Pools
Thread-Index: Adpq3lyyHMp+F7FcR1Gj2jw363lq4w==
Date: Thu, 29 Feb 2024 07:16:36 +0000
Message-ID: <>
Accept-Language: de-DE, en-US
Content-Language: de-DE
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Ntp] NTS Pools
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 29 Feb 2024 07:16:44 -0000


While it may "work", there are some issues/comments:
1) If you use the pool like a plain server, one would add the same name multiple times (to get multiple servers). However there's no guarantee that different servers will be selected
2) The special pool directive handles these issues (automatically "pull" some servers from the pool, and once some seem 
dead, pull new ones). I guess it will also avoid duplicate IPs (which may mean duplicate servers unless those are multi-homed or use multiple IPs on one interface)
3) The mechanism relies on the fact that a server specified as FQDN is resolved to an IP only once by NTP; if it would resolve once per poll, you could get a different server each poll, breaking the synchronization.

Kind regards,

-----Original Message-----
From: ntp <> On Behalf Of Miroslav Lichvar
Sent: Monday, February 26, 2024 12:21 PM
Cc: David Venhoek <>; NTP WG <>;;; Rainer Bermbach <>
Subject: [EXT] Re: [Ntp] NTS Pools


This DNS-based concept of a pool works with plain NTP and it works
also with NTS. There can be multiple NTS servers available under the