IETF Logo Mail Archive

Re: [Ntp] Antwort: Re: Symmetric mode

Miroslav Lichvar <mlichvar@redhat.com> Mon, 03 October 2022 07:48 UTC

Return-Path: <mlichvar@redhat.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E0F4C14F74D for <ntp@ietfa.amsl.com>; Mon, 3 Oct 2022 00:48:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.678
X-Spam-Level:
X-Spam-Status: No, score=-7.678 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.571, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V64Cs8qJ2Xad for <ntp@ietfa.amsl.com>; Mon, 3 Oct 2022 00:48:03 -0700 (PDT)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06CDCC14F74A for <ntp@ietf.org>; Mon, 3 Oct 2022 00:48:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1664783281; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=ujYgWep0zLVg/0sWlRgSj0+IATI9wBdWR7lLTjh1jy0=; b=K7kS9yhGt4AobU9o/84KVchQdqOWOJ9rPLFX9YfzctdJ5aO3vORJC+xCf18Q7qRDRCMfGe +dAi/sF6EWj2DEj8T75pN9JHtpxgtHwoTae9pDtSA5IltD0M4J6L5vxyg3FAosdQoFqVSB YSb2seWpCyfB/xM9nuhtPwoEqHaPP50=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-160-derrdx3UNDuROGvPx_9Qcw-1; Mon, 03 Oct 2022 03:48:00 -0400
X-MC-Unique: derrdx3UNDuROGvPx_9Qcw-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E909985A583; Mon, 3 Oct 2022 07:47:59 +0000 (UTC)
Received: from localhost (unknown [10.43.135.229]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 468282166B26; Mon, 3 Oct 2022 07:47:59 +0000 (UTC)
Date: Mon, 03 Oct 2022 09:47:58 +0200
From: Miroslav Lichvar <mlichvar@redhat.com>
To: Danny Mayer <mayer@pdmconsulting.net>
Cc: kristof.teichel=40ptb.de@dmarc.ietf.org, ntp@ietf.org
Message-ID: <YzqTruKg1xr5VSZH@localhost>
References: <20220919024614.4AB8328C1E2@107-137-68-211.lightspeed.sntcca.sbcglobal.net> <YygwAeTMeSHXXk6t@localhost> <OF42F0D0F6.E94FA935-ONC12588C3.005225C3-C12588C3.0054DC8B@ptb.de> <d13df0b6-7c47-820e-5dbd-21dd7e2d4801@pdmconsulting.net> <YywRhCmTD4mt8KTy@localhost> <9eac8a08-80d7-0d23-940a-d00c4bb2382f@pdmconsulting.net> <YzGErHj7nkt+Ehd8@localhost> <f28113c5-74ed-43a3-2982-ff9250facfb8@pdmconsulting.net> <YzXNRa2Smcs5UsRb@localhost> <d667af83-1358-c249-8752-11fadcc918a8@pdmconsulting.net>
MIME-Version: 1.0
In-Reply-To: <d667af83-1358-c249-8752-11fadcc918a8@pdmconsulting.net>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/IyTCkrt-pcUI0BHVLm7sjzji2ek>
Subject: Re: [Ntp] Antwort: Re: Symmetric mode
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Oct 2022 07:48:05 -0000

On Fri, Sep 30, 2022 at 08:25:00PM -0400, Danny Mayer wrote:
> On 9/29/22 12:52 PM, Miroslav Lichvar wrote:
> > How would they decide which one is a client and which one is server?
> The initiator of the request is acting as the client for the packet and the
> other one acts as the server. When the other peer initiates a packet it is
> the client.

I guess it might be possible to use the origin timestamp to detect
requests and responses, but that is not how NTP was designed to work.
It uses the mode number and in the case you are describing it's the
client and server mode.

> > In Figure 15 of the RFC (describing the state of two peers) you can
> > clearly see that there are only 2 messages per poll.
> > 
> > 
> >                  t2      t3                 t6          t7
> >          ---------------------------------------------------------
> >                   /\         \                 /\            \
> >                   /           \                /              \
> >                  /             \              /                \
> >                 /               \/           /                 \/
> >          ---------------------------------------------------------
> >               t1                t4         t5                  t8
> > 
> 
> I'm not sure what you are seeing.

There are two peers sending packets to each other. Each peer sends one
packet per poll. There are four packets shown in the figure. Each one
is a request and all except the first one are also responses. The
peers update their state with each received packet.

If they were using the client/server mode, it would look like this:

        t2  t3        t5         t8       t10 t11      t13        t16
  --------------------------------------------------------------------
        /\  \         \         /\        /\  \         \         /\
       /     \         \       /         /     \         \       /
      /       \         \     /         /       \         \     /
     /         \/        \/  /         /         \/        \/  /
  --------------------------------------------------------------------
    t1         t4        t6  t7       t9         t12      t14  t15


There are twice as many packets for the same number of measurements.
Half of them are requests and the other half are responses. Requests
don't update the state of the server. This is why the client/server
mode is more secure.

The best way to understand the protocol is to write your own minimal
implementation. If you implemented both modes, I think you would agree
that symmetric mode is not worth the trouble.

Please, at least make your own packet capture between two peers and
see that it works how described here. It's not a bug. If it was
a bug, it would be noticed after all those years. You are just
spreading misinformation and confusing others.

-- 
Miroslav Lichvar

v2.23.0 | Report a Bug | By Email