Re: [Ntp] comments on draft-mlichvar-ntp-ntpv5-03 / Extension fields

Dan Drown <dan-ntp@drown.org> Sat, 27 November 2021 03:48 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/ZSUv6Y7gyS1fjUWTcvDCULA3xNo>

Quoting myself:
> for the reference id extension (5.3):
> * I'm assuming if the client wants to receive it in the response, it  
> has to send an empty one in the request.
> * I'm not an expert at bloom filters, but with 16 stratums, I think  
> we want one at least 160 bits and to set 7 bits for each clock (1%  
> false positive rate).
> * Because we don't actually need the random ID values themselves,  
> instead of generating a random ID and hashing it, we can just  
> generate 7 random numbers between 0..159 and set that bit.
> * Detecting a loop would involve checking to see if our 7 bits are  
> set in the data from our upstream source

After a day of thinking about my proposal above, I have the following  
concerns:

* The added packet size, 20+4 bytes, is very large for NTP

* I need to consider compatibility between NTPv4 refid and v5  
extension. Specifically, what translations happen when switching  
between versions

* The 1% false positive rate would be a problem when you have a set of  
servers each with 10,000+ clients

* Packet logging for monitoring and management would be challenging

* Operators would probably want some way to make this more  
deterministic, maybe a configured local ref id

I'm doubting if a bloom filter is the right choice for NTP loop detection.
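
An added example, not part of the original message: a small simulation of the 160-bit, 7-bits-per-clock filter from the quoted proposal, measuring how often a clock that is not in the chain still finds all of its bits set after 16 upstream clocks, and how many such spurious loop detections that implies across 10,000 clients. It assumes the 7 positions per clock are distinct and that each client checks independently; all function names are hypothetical.

```python
import random

M_BITS = 160  # filter width proposed in the message
K_BITS = 7    # bits set per clock, as proposed in the message

def clock_bits(rng):
    # Assumption: the 7 positions are distinct (the message does not say).
    return rng.sample(range(M_BITS), K_BITS)

def add_clock(filt, bits):
    # The filter is an int used as a 160-bit bitmap.
    for b in bits:
        filt |= 1 << b
    return filt

def loop_suspected(upstream_filter, own_bits):
    # The check from the message: are all of our bits set upstream?
    return all((upstream_filter >> b) & 1 for b in own_bits)

def analytic_fp(n_clocks):
    # Chance one bit is set after n_clocks insertions, raised to K_BITS
    # (treats bits as independent, so this is an approximation).
    p_set = 1 - (1 - K_BITS / M_BITS) ** n_clocks
    return p_set ** K_BITS

def simulated_fp(n_clocks, trials, seed=1):
    # Fill a filter with n_clocks unrelated clocks, then test a fresh clock
    # that is not in it; any hit is a false loop detection.
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        filt = 0
        for _ in range(n_clocks):
            filt = add_clock(filt, clock_bits(rng))
        hits += loop_suspected(filt, clock_bits(rng))
    return hits / trials

def expected_false_alarms(n_clients, n_clocks):
    # Assumption: each client checks its own bits independently.
    return n_clients * analytic_fp(n_clocks)

if __name__ == "__main__":
    print(f"analytic  FP, 16 clocks: {analytic_fp(16):.4f}")
    print(f"simulated FP, 16 clocks: {simulated_fp(16, 20000):.4f}")
    print(f"expected false alarms, 10,000 clients: {expected_false_alarms(10000, 16):.0f}")
```

The 16-clock case is the fullest filter the proposal allows; filters seen nearer the top of the hierarchy hold fewer clocks and give a lower rate.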