Re: [Ntp] [tsvwg] [Tsv-art] Tsvart early review of draft-ietf-ntp-alternative-port-02

Miroslav Lichvar <mlichvar@redhat.com> Mon, 06 December 2021 10:01 UTC

On Sun, Dec 05, 2021 at 03:20:12PM -0800, C. M. Heard wrote:
> We have two contradictory assertions by proponents of the alternate port.
> Which, if either, is correct?
> 
> Are the servers largely fixed but the filters still in place out of
> inertia, as Mr. Sommars says?
> 
> Or do the filters remain because of servers that have not been fixed, as
> Mr. Murray says?

I suspect we won't know for sure as long as NTP is firewalled
everywhere.

The reality is that NTP doesn't work reliably over the Internet. In the
community of people running public servers (pool.ntp.org) it's the
number one problem. My impression is that it's getting worse over
time.

With NTS, which uses longer NTP messages, it's quite common to see a
client that doesn't get a response to most of its requests.

The major ISPs have middleboxes, which cannot be configured to
specifically block or rate limit the amplifying mode-6/7 messages.
Better hardware could be designed, but who will pay for that?
Expecting all those existing servers that amplify the traffic to be
fixed and the middleboxes to be disabled doesn't seem to be realistic.

-- 
Miroslav Lichvar
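
The filtering distinction discussed in this message, as an added illustration that is not part of the original post: a Python sketch comparing a length-based rule (an assumption about how a coarse middlebox might behave; the message does not say how they filter) with a rule keyed on the NTP mode field. The packets, extension-field body sizes and function names are constructed for the example.

```python
# Constructed samples only; nothing here is a capture or a valid mode-6/7 request.
NTP_HEADER_LEN = 48
AMPLIFYING_MODES = {6, 7}  # control and private modes named in the message

def ntp_mode(payload: bytes) -> int:
    """Mode is the low 3 bits of the first octet (LI:2 | VN:3 | Mode:3)."""
    if not payload:
        raise ValueError("empty payload")
    return payload[0] & 0x07

def header(version: int, mode: int) -> bytes:
    """Zero-filled 48-byte NTP header with only version and mode set."""
    return bytes([(version << 3) | mode]) + bytes(NTP_HEADER_LEN - 1)

def extension_field(field_type: int, body_len: int) -> bytes:
    """Zero-filled extension field: 2-byte type, 2-byte total length, body."""
    total = 4 + body_len
    return field_type.to_bytes(2, "big") + total.to_bytes(2, "big") + bytes(body_len)

def length_filter(payload: bytes) -> bool:
    """Assumed coarse rule: pass only bare 48-byte packets."""
    return len(payload) == NTP_HEADER_LEN

def mode_filter(payload: bytes) -> bool:
    """Mode-aware rule: drop only modes 6 and 7, whatever the length."""
    return ntp_mode(payload) not in AMPLIFYING_MODES

SAMPLES = {
    "plain client request": header(4, 3),
    # NTS request: header plus Unique Identifier, NTS Cookie and Authenticator
    # extension fields (RFC 8915 field types); body sizes are illustrative.
    "NTS client request": header(4, 3) + extension_field(0x0104, 32)
    + extension_field(0x0204, 100) + extension_field(0x0404, 40),
    # Only the first octet is meaningful; the rest is zero padding.
    "mode 6 message": bytes([(2 << 3) | 6]) + bytes(11),
    "mode 7 message": bytes([(2 << 3) | 7]) + bytes(7),
}

def verdicts() -> dict:
    """Map sample name -> (passes length rule, passes mode rule)."""
    return {n: (length_filter(p), mode_filter(p)) for n, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (by_len, by_mode) in verdicts().items():
        print(f"{name:22} len={len(SAMPLES[name]):3} length={by_len} mode={by_mode}")
```

Under the assumed length rule the longer NTS request is dropped along with the mode-6/7 samples, while the mode-aware rule passes it and drops only the two amplifying modes.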