Re: [Ntp] New I-D: NTP Port Randomization (draft-gont-ntp-port-randomization-00.txt)
Miroslav Lichvar <mlichvar@redhat.com> Thu, 18 April 2019 12:37 UTC
Date: Thu, 18 Apr 2019 14:36:48 +0200
From: Miroslav Lichvar <mlichvar@redhat.com>
To: Fernando Gont <fgont@si6networks.com>
Cc: ntp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/YzO0YaXy_8oUDYuUzsbeQw2RUcw>

On Tue, Apr 16, 2019 at 11:19:27PM +0200, Fernando Gont wrote:
> The I-D is available at:
> https://www.ietf.org/internet-drafts/draft-gont-ntp-port-randomization-00.txt

Thanks for writing the draft. Just a few quick comments.

The source port in client mode packets can be random and it can also
change with each request, which might be recommended in the document.
Most NTP clients do that.

The source port in active mode packets doesn't necessarily have to be
123. It can be random if the other peer is not expected to have a
permanent association with the peer, but it must not change between
requests as that would create new associations.

In the NTS draft there is a port negotiation record, so proper NTP
servers will be able to run on other ports than 123.

-- 
Miroslav Lichvar
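
The client-mode behaviour discussed in the message above (a random source port that changes with each request), as an added Python example that is not part of the original message or the draft. The function names and the loopback responder are constructed for illustration; the responder stands in for a real NTP server so the exchange runs offline.

```python
import socket, struct, threading, time

NTP_FMT = "!BBbb11I"           # 48-byte NTP header: 4 one-byte fields + 11 32-bit words
NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900 (NTP era 0) and 1970 (Unix epoch)

def build_request():
    """NTPv4 client-mode (mode 3) request; returns the packet and its transmit timestamp."""
    now = time.time() + NTP_EPOCH_OFFSET
    xmt = (int(now) & 0xFFFFFFFF, int((now % 1) * 2**32) & 0xFFFFFFFF)
    return struct.pack(NTP_FMT, (4 << 3) | 3, 0, 0, 0, *([0] * 9), *xmt), xmt

def query(server, timeout=2.0):
    """Send one request from a fresh socket so every request gets a new source port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("", 0))        # port 0: the OS picks an ephemeral port instead of 123
        s.connect(server)      # kernel discards datagrams from other addresses/ports
        s.settimeout(timeout)
        src_port = s.getsockname()[1]
        pkt, xmt = build_request()
        s.send(pkt)
        reply = s.recv(512)
    if len(reply) < 48:
        return src_port, False
    f = struct.unpack(NTP_FMT, reply[:48])
    # Accept only a server-mode (4) reply whose origin timestamp echoes our transmit timestamp.
    return src_port, (f[0] & 0x7) == 4 and (f[9], f[10]) == xmt

def loopback_server(n_requests):
    """Constructed stand-in for an NTP server on 127.0.0.1; records client source ports."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    addr, seen = srv.getsockname(), []
    def serve():
        for _ in range(n_requests):
            data, client = srv.recvfrom(512)
            req = struct.unpack(NTP_FMT, data[:48])
            seen.append(client[1])
            # Mode 4 reply: copy the request's transmit timestamp into the origin field.
            srv.sendto(struct.pack(NTP_FMT, (4 << 3) | 4, 1, 0, 0,
                                   *([0] * 5), req[13], req[14], *([0] * 4)), client)
        srv.close()
    thread = threading.Thread(target=serve, daemon=True)
    thread.start()
    return addr, seen, thread

if __name__ == "__main__":
    addr, seen, thread = loopback_server(4)
    print([query(addr) for _ in range(4)], seen)
```

An active-mode peer would instead keep one socket open for the lifetime of the association, since a changed source port looks like a new peer to the other side.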