Re: [Ntp] Antw: Re: Calls for Adoption -- NTP Extension Field drafts -- Four separate drafts

Heiko Gerstung <> Wed, 28 August 2019 11:08 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 68B2B120110 for <>; Wed, 28 Aug 2019 04:08:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.289
X-Spam-Status: No, score=-4.289 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 82sGNJfyjNHJ for <>; Wed, 28 Aug 2019 04:08:52 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A5C64120108 for <>; Wed, 28 Aug 2019 04:08:52 -0700 (PDT)
Received: from (unknown []) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 0527B71C089C; Wed, 28 Aug 2019 13:08:49 +0200 (CEST)
X-DKIM: Sendmail DKIM Filter v2.8.2 0527B71C089C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail201101; t=1566990531; bh=AX9etdYpov+hoypDiDN1+WYohqGhgOaxlusUFVjaaBQ=; h=Date:Subject:Message-ID:References:In-Reply-To:Mime-version:From: To:Content-Type:Content-Transfer-Encoding; b=eHT77HGsdJbWGgxeXGRSHtR53BQXgUVZt8o3VCOuuK8t3E+MkEvaC7GsvbAe+3UNz 2S/cdcMaewA2QDN9SUg+bZm0eVw1bCVd/mT3G9A3vHnqkOEBDocaUb7UgLSyleE/z/ fC1I8a494fpTZkomveJ6wR3JgsVsB2p7rMEHetb8=
X-Kerio-Anti-Spam: Build: [Engines:, Stamp: 3], Multi: [Enabled, t: (0.000009,0.009933)], BW: [Enabled, t: (0.000008)], RTDA: [Enabled, t: (0.067739), Hit: No, Details: v2.7.53; Id: 15.1i61ggg.1djbujpv8.doavg], total: 0(700)
X-Footer: bWVpbmJlcmcuZGU=
User-Agent: Microsoft-MacOutlook/10.1c.0.190812
Date: Wed, 28 Aug 2019 13:08:46 +0200
Message-ID: <>
Thread-Topic: [Ntp] Antw: Re: Calls for Adoption -- NTP Extension Field drafts -- Four separate drafts
References: <> <> <> <> <20190828103752.GI24761@localhost>
In-Reply-To: <20190828103752.GI24761@localhost>
Mime-version: 1.0
Importance: Normal
X-Priority: 3
Thread-Index: AZ2x3tU+MDNjYzVhNjFjMDY4OWQ0MA==
From: Heiko Gerstung <>
To: Miroslav Lichvar <>, "" <>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: clamav-milter 0.100.3 at server1a
X-Virus-Status: Clean
Archived-At: <>
Subject: Re: [Ntp] Antw: Re: Calls for Adoption -- NTP Extension Field drafts -- Four separate drafts
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 28 Aug 2019 11:08:56 -0000

Hi Miroslav,

I do not think that it would add a lot of complexity if we would change the packet header format. 

Can you explain why you want to keep the 48 bytes length? Why is that so important? What would happen if the new v5 packet format would have, let's say, 56 bytes?

Any implementation that wants to be v4/v5 compatible can easily deal with two different packet header formats IMHO. Handling this in the right way will not remotely add as much complexity as all the other v5 changes will cause. Think about the added complexity when someone has to implement the RefID handling as described in that draft, compared to just having an additional field in the packet that indicates there is a leap second smear going on, or there is a specific ID that you want clients to use when they refer to your server in their RefID field. 

Please do not get me wrong, I do not want to change the NTP packet format at any cost (or for the sake of change or to make it as hard as possible for implementors), I just want to avoid that we all try to stick with the current format (that arguably has some shortcomings, as illustrated by the presented drafts) just because we want to avoid that someone implementing NTPv5 has to add a second packet header structure to their code and, upon receiving or sending a packet, has to select which of the two formats to work with. 

This *exactly* is why there is a version field in the header, and it is placed very close to the start of the packet to make it efficient and secure for implementations to support multiple NTP versions. 

Again, lets change the NTP packet format for v5 to make things easier and less complex for future implementations. And do not stick with the format just because you want to avoid changing your own code too much, protect bad/faulty implementations or save firewall admins from having to touch their configuration. 

That said, I would be happy to start working on v5, maybe by collecting a list of all the issues and problems that we all see in v4 and the features we would like to see added. But maybe we should open another email thread for this. 

Best Regards,

Heiko Gerstung 
Managing Director

MEINBERG® Funkuhren GmbH & Co. KG
Lange Wand 9
D-31812 Bad Pyrmont, Germany
Phone:    +49 (0)5281 9309-404
Fax:        +49 (0)5281 9309-9404

Amtsgericht Hannover 17HRA 100322
Geschäftsführer/Management: Günter Meinberg, Werner Meinberg, Andre Hartmann, Heiko Gerstung


Do not miss our Time Synchronization Blog: 

Connect via LinkedIn:

On 28.08.19, 12:39 "ntp im Auftrag von Miroslav Lichvar" < im Auftrag von> wrote:

    On Wed, Aug 28, 2019 at 12:07:53PM +0200, Heiko Gerstung wrote:
    > Regarding backwards compatibility of NTPv5: I think it would be no problem to change the NTP packet format if there are requirements we want to meet that can be fulfilled more efficiently with a changed packet header. Any implementation that ignores the version field deserves whatever happens to it and, since a client mode packet contains the version number, an NTP server would most probably have to reply to a v4 client request with a v4 server response anyway. Only if an implementation sends a request with version=5 and then tries to decode the response based on a v4 packet format there will be a problem. And again, implementations doing this should go down in flames anyway IMHO. 
    I think a good reason to keep v5 mostly compatible with v4, similarly
    to how previous versions were compatible with one another, would be
    avoiding extra complexity in both server and client implementations.
    My suggestion would be to keep the NTP header 48 octets long and
    change only two fields: the refid and reference timestamp. They are
    ignored by current servers and most clients. That gives us 12 octets
    of contiguous space in the header to work with. That's plenty for the
    timescale negotiation and other metadata. Longer fields should be in
    extension fields. No MACs allowed.
    FWIW, I'm willing to help with the NTPv5 specification if people are
    considering to start working on that.
    Miroslav Lichvar
    ntp mailing list