IETF Logo Mail Archive

Re: [Ntp] ntpv5 requirements

Dieter Sibold <dsibold.ietf@gmail.com> Wed, 15 February 2023 19:03 UTC

Return-Path: <dsibold.ietf@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18244C14EB1A for <ntp@ietfa.amsl.com>; Wed, 15 Feb 2023 11:03:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9dPMEcPUWFli for <ntp@ietfa.amsl.com>; Wed, 15 Feb 2023 11:03:32 -0800 (PST)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3C55C140675 for <ntp@ietf.org>; Wed, 15 Feb 2023 11:02:42 -0800 (PST)
Received: by mail-ed1-x52b.google.com with SMTP id cq19so21936779edb.5 for <ntp@ietf.org>; Wed, 15 Feb 2023 11:02:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:references:message-id:cc:date:in-reply-to:from:subject :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WTVYRQMRIk++RSlstQsFrXe0VTLqnM1BkYLYWEBGnTE=; b=dNaDgOtMPGR9wLIMr/CtEjnKa/+h2DNEiubrz/A8JqoI0xiO4+jCosuhyWo2/kIkJ3 4ftt3749+Ubl7koImy5bnyJ6JHdzoFiM4Y8axT9Dfv3patGzLnFv9wVPX5NOxJ9DRRIX qn7PgS11ZonDC1//vU+w8zuryW6EMfr4g17N9RuaHyHLeWGmtWry6MECbg4epk+kDbSB yA+iF8zf4jSNHT9xhGxXCYusYS1T9GNXoXjVxOJEnqSsfZ9THqXgMGRA5e/0YgdGZN0O AoPuFl5ai1wnBUCvsQpRk/KTkVaM1HmCScZEgR96gMZa/pvpW23yKoszjS/Qk7+tsy2p JXlw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:cc:date:in-reply-to:from:subject :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WTVYRQMRIk++RSlstQsFrXe0VTLqnM1BkYLYWEBGnTE=; b=EyPr7cuLYuPqt0lcSMHFx6Jeom6F0k+M65k3JuZLqyvGZedDtyd1IxTNd1aCECFRvs L4wp0E9kc2LR4nttABlmDzNFMbY5eW3+SHCCMeRkEaKQZ2wtK2WiW2bmDRh0vvoEuhbg A7CKscAlN+17bb8xAEFqXC+BAPPT8ksp/hXSq/jhEqcQR7FSQRjTmdAnORUU271vD789 /w9fesmyXM4NBEM9JjPTKvQlr+Tf74W20iavMn2/6IXOX4mHu6rRVbHXp5SYtmnjjFmn 4CcHSAf70UuHh1FV0wjntwmJELHN74rUW7bS50uZm/cxueomCgeh41fqPKl0pDQm5j9P bEbw==
X-Gm-Message-State: AO0yUKXlsSnz6u5T9PdBrSDYNjsGerT7/rK17bh8i3mBoifkvy4LTzzL rjpQbLRHLnoxWGZoKC7vuQo=
X-Google-Smtp-Source: AK7set+QatcfXNJJiAfjbdSNzGT3dB/oNmgQmubXvaB940QZQALSl8GasmWUlCmBkSoDup5YiCj7oQ==
X-Received: by 2002:a17:907:2179:b0:88e:e498:109b with SMTP id rl25-20020a170907217900b0088ee498109bmr3708217ejb.5.1676487760779; Wed, 15 Feb 2023 11:02:40 -0800 (PST)
Received: from smtpclient.apple (p549b405a.dip0.t-ipconnect.de. [84.155.64.90]) by smtp.gmail.com with ESMTPSA id ov38-20020a170906fc2600b008af574e95d7sm8093019ejb.27.2023.02.15.11.02.39 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 15 Feb 2023 11:02:40 -0800 (PST)
Content-Type: multipart/signed; boundary="Apple-Mail=_7CE15409-D4A0-44A3-B468-398CFCCC1EAB"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
From: Dieter Sibold <dsibold.ietf@gmail.com>
In-Reply-To: <Y+yvPytsVs6lTzyP@localhost>
Date: Wed, 15 Feb 2023 20:02:28 +0100
Cc: ntp@ietf.org
Message-Id: <617F4490-EDD3-4C54-94BF-68241B011111@gmail.com>
References: <DB8PR02MB5772E45732B25646F7CAE211CFD99@DB8PR02MB5772.eurprd02.prod.outlook.com> <Y+pgBgc/5dJ9wtAP@localhost> <2bbcdc7b-a47c-8421-0278-0ac364faaeea@nwtime.org> <OF7B624B98.C1ECCBBE-ONC1258956.00440F55-C1258956.00448C93@ptb.de> <8bfc7ac6-7696-1ac8-c2a3-62aa0084e07f@nwtime.org> <B5BBCED7-23AB-435E-A512-1661A8E108BE@gmail.com> <Y+yvPytsVs6lTzyP@localhost>
To: Miroslav Lichvar <mlichvar@redhat.com>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/4Xj9sBKP7whhNwVgPiFpy6pQt4Q>
Subject: Re: [Ntp] ntpv5 requirements
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Feb 2023 19:03:37 -0000

see below

> Am 15.02.2023 um 11:09 schrieb Miroslav Lichvar <mlichvar@redhat.com>:
> 
> On Wed, Feb 15, 2023 at 08:34:23AM +0100, Dieter Sibold wrote:
>> PTB enhanced all its public facing NTP servers with NTS. We observe that NTS traffic is increasing but slowly. In case of PTB the amount is smaller than 1% of the total traffic.
> 
> If you don't mind sharing, what is the ratio of "Authenticated NTP
> packets" to "NTS-KE connections accepted" in the serverstats report on
> your servers?

I shall ask our operational staff.

> 
>> Hence it should be safe for the NIST to enable NTS also. Beside, if the amount of traffic is going to be a problem the NTP and NTS service can also be provided by FPGA; see for example Netnod’s NTS service.
> 
> If you care about minimizing costs, FPGAs don't seem to be well suited
> for implementing NTS. See this (very interesting) presentation from
> Christer:
> 
> https://www.netnod.se/nts/nts-in-a-fpga-christer-weinigel-netnod-meeting-2022
> 
> It's an interesting project, but those FPGAs are quite expensive. It
> seems to me you can get much better performance/cost with common
> x86-64 CPUs.

I agree. And for the majority of server the x86-64 CPUs will more than be sufficient. But for extrem cases like the NIST it might be solution. This might be more expensive than standard hardware but I suppose the majority of metrology institutes could justify higher costs because in many cases they are legally entrusted to disseminate time.
> 
R
> 
> --
> Miroslav Lichvar
>

v2.23.0 | Report a Bug | By Email