IETF Logo Mail Archive

Re: [Ntp] SNTP, Old crufty software

James <james.ietf@gmail.com> Fri, 12 August 2022 11:06 UTC

Return-Path: <james.ietf@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E77DBC157B4B for <ntp@ietfa.amsl.com>; Fri, 12 Aug 2022 04:06:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Level:
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 339R59d5iNpC for <ntp@ietfa.amsl.com>; Fri, 12 Aug 2022 04:06:20 -0700 (PDT)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D547C1594AE for <ntp@ietf.org>; Fri, 12 Aug 2022 04:06:20 -0700 (PDT)
Received: by mail-ed1-x52f.google.com with SMTP id b96so941420edf.0 for <ntp@ietf.org>; Fri, 12 Aug 2022 04:06:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc; bh=jdhvd8xPk/wFms27Sb2mFrzZyxs0TMwgWmz7Pv7Urk4=; b=laiTIUAcIjRZGGsg6Fa+TYxs5FlBnol9XGKI22x0SeyLQUKAqvqjDdDC2HwuHBCahm U2jR1QwHdRgoiXeriORLjNq+TAouHsrqWFxmBW7q7ImHFpma4iWpOOoBRIWAfl/sQMlz xQnkUC7fkSPDbYqssNiWv1x6AqW8TljQJr2FslznLCjI2duqN6v3bORdndxKjS8mZ8++ msnUjQWacTtc6rSUBx1fV5hSsczFp9Je+TXuQxRHnAOOalFKKX4r7lsAQENdptsY+3ZT e4gxB05aqwdCG5GZSESdPUDMpzJ4pjUFJ0aIJpwSCj1SExAAZDDODgK+f+w+I8ujvbHh 2nzQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc; bh=jdhvd8xPk/wFms27Sb2mFrzZyxs0TMwgWmz7Pv7Urk4=; b=z+oI/1Eltx2llRm5/XCgU8TeRYvK2XED5337qncuP7LhuYxPHTcg4VyjuGMNUInmF7 IB6pFuxLSLzscbMf9r05WBSKpMtTvhu1K3LgRnWxcskjYVeSFyO/joDmYPK3U0CM371q LTM4CBzcTSEM7bBJ8WN51odaWR1T5MJ1b35M3wZ7HFdtVs62vIQGwN0X6PSkr9SfVFmu 6Zmn+nBR/hXg9RWlUuusZUuNYXZC4PwdvxPtfrDyj3JIkk2dlt4SVbvVde+WYLreQ6bV /d7/iLXZVyMgyb8gi4GU+AI2BdYHU7LruWOtjU1wCjuMtWnndzcMJVUHqJXtkhIfaAMw eFJg==
X-Gm-Message-State: ACgBeo2aVsxK27YBdJpvpHOINKkRRHqp1DYnWEXg2vpZcs72Tphmi2xO QqOmwOBC9otnSqPIhpyrKwI=
X-Google-Smtp-Source: AA6agR76TzZQZvn6Q9FcJrmXdC4NwIzH5nAEFjM2k4kUTFEAy3YYo5HssX7MosGXy+jiE+/CTZsYCg==
X-Received: by 2002:aa7:d6cd:0:b0:43d:4ab8:87b8 with SMTP id x13-20020aa7d6cd000000b0043d4ab887b8mr3150834edr.412.1660302378403; Fri, 12 Aug 2022 04:06:18 -0700 (PDT)
Received: from smtpclient.apple (2a02-a468-ca02-2-bc1a-4126-d5c6-54dc.fixed6.kpn.net. [2a02:a468:ca02:2:bc1a:4126:d5c6:54dc]) by smtp.gmail.com with ESMTPSA id y26-20020a056402171a00b0043577da51f1sm1173129edu.81.2022.08.12.04.06.17 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Aug 2022 04:06:18 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: James <james.ietf@gmail.com>
In-Reply-To: <20220811222515.06CF528C1CA@107-137-68-211.lightspeed.sntcca.sbcglobal.net>
Date: Fri, 12 Aug 2022 13:06:17 +0200
Cc: ntp@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <B3AA99BF-7AEB-46B9-A756-012A242524D2@gmail.com>
References: <20220811222515.06CF528C1CA@107-137-68-211.lightspeed.sntcca.sbcglobal.net>
To: Hal Murray <halmurray@sonic.net>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/UZO-9SlLoBGLB4qp9dCQlVEn8Vk>
Subject: Re: [Ntp] SNTP, Old crufty software
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Aug 2022 11:06:25 -0000

What (dis)incentives are there for the people and companies writing, reusing, deploying code still using these protocols to work on them? I'm not sure there is many given "it still just works". A well defined carrot (e.g. a simpler/secure/etc protocol) or stick (popular public time services ceasing support for legacy protocols) are the only dimensions I can think of here.

I'm not sure the effort of trying to -bis SNTP is as beneficial as advancing newer work like Roughtime and its implementations, combined with BCPs or other such guidance that dissuade future use of these older protocols.

- J

> On 12 Aug 2022, at 00:25, Hal Murray <halmurray@sonic.net> wrote:
> 
> 
> There is a lot of NTPv1 traffic out there.  It's ballpark of 1% of the traffic 
> to pool servers
> 
> I have credible reports that some of the NTPv1 traffic is from reasonably 
> modern gear.
> 
> Has anybody looked at RFC 4330 (SNTP) lately?  It's 27 pages.  Much of it is 
> not useful if you are only intereted in the S part of SNTP.  It's a lot less 
> simple than it could be.
> 
> ------------
> 
> I think it's time for another pass at the greater SNTP area.
> 
> I'm focused on code that will go into firmware and won't get updated with 
> typical distro updates, if ever.
> 
> I see three parts.
> 
> The first is that we have to agree on what will be supported for a long time.  
> I assume that is a simple NTPv4 Client/Server exchange with no MACs or EFs.
> 
> The second is the protocol level.  I think we need a simple description of 
> what you get from a protocol exchange, how local clocks operate, and the 
> choices/benefits between ultra simple and not quite so simple.
> 
> I assume we should have sample code.  Can we maintain that off to the side 
> rather than frozen in a RFC?
> 
> The third is operational. We need a BCP for people writing/distributing 
> firmware and those who will be using/supporting that firmware.
> 
> We should get some of the firmware writers/users in the review process.
> 
> -----
> 
> I propose that SNTP requests (Client mode) should (ab)use an otherwise unused 
> timestamp field to hold a text string for vendor info.  That will allow 
> operational people to identify which gear is causing problems.
> 
> -----
> 
> Is anybody using SNTP interested in security?
> 
> -----
> 
> Is there any BCP for firmware writers/deployers?  Things like don't hardwire 
> in any DNS names (that you don't own).  Or a WG that covers that area?
> 
> -----
> 
> stenn@nwtime.org said:
>> Are they real v1 requests, from software that is about 40 years' old, or is
>> it a v3/v4 header where the implementor chose to identify it as v1? 
> 
> I have no insight into how the programmers were thinking.
> 
> I assume much of it is old code that works so nobody pays attention to it.
> 
> Roughly half of the NTPv1 requests have a 0 in what is now the mode field.  
> Roughly half have a 3/Client in there.  There is also a small bump on the tail 
> with symm-active.
> 
> There is also NTPv2 traffic.  It is essentially all Client/request.
> 
> Roughly 90% of the NTPv1 requests have 47 bytes of 0 after the 
> leap/version/mode byte.
> Another 10% have stuff in the last 8 bytes, the transmit timestamp field.  A 
> 1/2% has other stuff I haven't investigated.
> 
> 
> -- 
> These are my opinions.  I hate spam.
> 
> 
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

v2.23.0 | Report a Bug | By Email