Re: [Ntp] New rev of the NTP port randomization I-D (Fwd: New Version Notification for draft-gont-ntp-port-randomization-01.txt)

Miroslav Lichvar <mlichvar@redhat.com> Wed, 29 May 2019 07:47 UTC

Date: Wed, 29 May 2019 09:47:16 +0200
From: Miroslav Lichvar <mlichvar@redhat.com>
To: Fernando Gont <fgont@si6networks.com>
Cc: "Gary E. Miller" <gem@rellim.com>, ntp@ietf.org
Message-ID: <20190529074716.GG11346@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/Jb9sUUrT5vhm6EvSnADn6RaQDvg>

On Tue, May 28, 2019 at 10:56:39PM -0400, Fernando Gont wrote:
> > http://lists.febo.com/pipermail/time-nuts_lists.febo.com/2019-May/096536.html
> > 
> > Different NTP source ports yield varying quality results.
> 
> So... this would be an argument for "randomize the source port on a
> per-session basis, but not on a per-request basis", right?

I think it's actually an argument for randomizing the port on each
request. If there are multiple paths to the server and the selection
depends on the port number, the client needs to be changing its port
to make sure some of its requests take the shortest path. The clock
filter will drop measurements that took a longer path (assuming the
increase in delay is significant when compared to jitter and clock
dispersion).

If you had two clients in your network and they were synchronized to
the same server, there could be a significant offset between their
clocks if they used a fixed port. If they randomized their ports with
each request, the offset should be smaller and not change randomly
when the clients are restarted, etc.

Also, a client using a fixed port is easier to track. That might be
more relevant for the data minimization draft.

-- 
Miroslav Lichvar
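The path-selection argument in the message above, as an added simulation that is not part of the thread and not chrony or ntpd code. It assumes a router that picks one of two forward paths by hashing the client's source port, with constructed one-way delays, and applies the RFC 5905 offset/delay formulas and the lowest-delay clock filter to a fixed-port client and a per-request randomizing client.

```python
import hashlib
import random

# Constructed model of the situation in the message: an ECMP router hashes the
# client's source port to pick one of two forward paths (assumption). Path 1 is
# 4 ms longer one way; the return path is the same for both.
FORWARD_DELAY_MS = {0: 1.0, 1: 5.0}   # client -> server one-way delay per path
RETURN_DELAY_MS = 1.0                 # server -> client one-way delay
TRUE_OFFSET_MS = 0.0                  # the client's clock is actually correct

def choose_path(src_port: int) -> int:
    """Deterministic 2-way ECMP choice keyed on the source port only."""
    return hashlib.sha256(src_port.to_bytes(2, "big")).digest()[0] % 2

def measure(src_port: int) -> tuple[float, float]:
    """One NTP request/response; returns (measured offset, round-trip delay) in ms
    using the RFC 5905 formulas. An asymmetric path shows up as a bogus offset."""
    d_fwd = FORWARD_DELAY_MS[choose_path(src_port)]
    d_ret = RETURN_DELAY_MS
    t1 = 0.0                          # client sends
    t2 = t1 + d_fwd + TRUE_OFFSET_MS  # server receives (server clock)
    t3 = t2                           # server replies immediately
    t4 = t1 + d_fwd + d_ret           # client receives
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

def clock_filter(samples: list[tuple[float, float]]) -> float:
    """RFC 5905 clock filter: trust the offset of the lowest-delay sample."""
    return min(samples, key=lambda s: s[1])[0]

def sync(port_picker, n: int = 8) -> float:
    """Poll n times (the filter register holds 8) and return the filtered offset."""
    return clock_filter([measure(port_picker()) for _ in range(n)])

def fixed_port(port: int):
    """Client that keeps one source port for every request."""
    return lambda: port

def random_port(seed: int = 0):
    """Client that draws a fresh ephemeral port for every request."""
    rng = random.Random(seed)
    return lambda: rng.randint(1024, 65535)

if __name__ == "__main__":
    p_bad = next(p for p in range(1024, 65536) if choose_path(p) == 1)
    print("fixed port on the long path :", sync(fixed_port(p_bad)), "ms")
    print("port randomized per request:", sync(random_port(1)), "ms")
```

Two fixed-port clients that happen to hash onto different paths end up 2 ms apart; the randomizing client almost always gets at least one short-path sample into the filter and converges to the true offset.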