IETF Logo Mail Archive

Re: [Ntp] SNTP, Old crufty software

Harlan Stenn <stenn@nwtime.org> Wed, 17 August 2022 20:13 UTC

Return-Path: <stenn@nwtime.org>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5641CC1524C7 for <ntp@ietfa.amsl.com>; Wed, 17 Aug 2022 13:13:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.105
X-Spam-Level:
X-Spam-Status: No, score=-1.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GjUHci937sVw for <ntp@ietfa.amsl.com>; Wed, 17 Aug 2022 13:13:42 -0700 (PDT)
Received: from chessie.everett.org (unknown [IPv6:2001:470:1:205::234]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FC9AC1524BF for <ntp@ietf.org>; Wed, 17 Aug 2022 13:13:37 -0700 (PDT)
Received: from [10.208.75.149] (071-084-168-128.res.spectrum.com [71.84.168.128]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by chessie.everett.org (Postfix) with ESMTPSA id 4M7K3124lKzMP62; Wed, 17 Aug 2022 20:13:33 +0000 (UTC)
Message-ID: <0e229d51-500a-e732-0cc9-eb0172bbd0d9@nwtime.org>
Date: Wed, 17 Aug 2022 13:13:31 -0700
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0
Content-Language: en-US
To: Greg.Dowd@microchip.com, ntp@ietf.org
References: <20220813080730.3FAC728C1CA@107-137-68-211.lightspeed.sntcca.sbcglobal.net> <BYAPR11MB276076FDFF94749FE9B96A70FC6B9@BYAPR11MB2760.namprd11.prod.outlook.com> <a71a120f-2af7-67ac-4d48-1d343e8b6d68@nwtime.org> <BYAPR11MB276055B5A6A3B8588C6552D9FC6A9@BYAPR11MB2760.namprd11.prod.outlook.com>
From: Harlan Stenn <stenn@nwtime.org>
In-Reply-To: <BYAPR11MB276055B5A6A3B8588C6552D9FC6A9@BYAPR11MB2760.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/cnMsuYstA6DvP-Y0OueoPv4T5TI>
Subject: Re: [Ntp] SNTP, Old crufty software
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Aug 2022 20:13:46 -0000

The code I looked at was in ntp_proto.c, and I remember this being an 
issue long before that code showed up in 2018.  I suspect that I just 
didn't search thoroughly enough and that "accommodating" the MS behavior 
was done much earlier, in other parts of the code.  A code overhaul 
happened in 2018 and that's when the updates made it to their current 
locations.

While I expect this usage will taper off, there are still plenty of 
folks who have ancient gear that still runs and cannot be upgraded, and 
this gear will continue to be deployed.  I know we have some 
power-related devices that still need ancient java and ancient SSL.  We 
keep this gear on protected VLANs, but it's still "there".

On 8/17/2022 9:07 AM, Greg.Dowd@microchip.com wrote:
> Thanks Harlan!  That was it.  I also think this problem significantly pre-dated Sep 2018 since we wrote some special code to handle the MS MAC format on a product that was obsolete by 2018 but all in all the # of requests is low and it hasn't melted the Internet so I assume they will fade away slowly?
> 
> Thanks..Greg
> 
> Greg Dowd  Microchip - Freq & Time Div.
> 
> Assoc. Technical Fellow – Engineering
> 3870 N First St, San Jose, CA 95134
> Direct: 408-964-7643
> Greg.Dowd@microchip.com
> 
> -----Original Message-----
> From: ntp <ntp-bounces@ietf.org> On Behalf Of Harlan Stenn
> Sent: Tuesday, August 16, 2022 6:36 PM
> To: Greg.Dowd=40microchip.com@dmarc.ietf.org; ntp@ietf.org
> Subject: Re: [Ntp] SNTP, Old crufty software
> 
> EXTERNAL EMAIL: Do not click links or open attachments unless you know the content is safe
> 
> On 8/16/2022 10:51 AM, Greg.Dowd=40microchip.com@dmarc.ietf.org wrote:
>> Wasn't there an "undocumented" authentication mechanism in windows using ntp with symm active or symm passive request?  A different way of parsing the MAC?  I "think" just sending back server worked for unauthenticated but honestly, it's been so long I could be wrong.
> 
> The issue is that windows clients (I don't recall if or how authentication plays in to this) by default send a symmetric active request instead of sending a client request.  When we see this, we simply send back a MODE_PASSIVE response, without mobilizing an association.
> 
> The fix for this problem looks like it was committed on 12 Sep 2018, but for some reason I think this happened before that.
> 
> See Microsoft KB 875242 for the preferred work-around.
> 
> The "accommodation" for the broken windows clients was included in 4.2.8p13, unless it happened before that.
> 
> H
> 
>> I can say that just about every network admin I work with still uses w32time on some box to verify our ntp server functionality.
>>
>> Thanks..Greg
>>
>> Greg Dowd  Microchip - Freq & Time Div.
>>
>> Assoc. Technical Fellow - Engineering
>> 3870 N First St, San Jose, CA 95134
>> Direct: 408-964-7643
>> Greg.Dowd@microchip.com
>>
>> -----Original Message-----
>> From: ntp <ntp-bounces@ietf.org> On Behalf Of Hal Murray
>> Sent: Saturday, August 13, 2022 1:08 AM
>> To: Martin Burnicki <martin.burnicki@meinberg.de>
>> Cc: Hal Murray <halmurray@sonic.net>; ntp@ietf.org
>> Subject: Re: [Ntp] SNTP, Old crufty software
>>
>> EXTERNAL EMAIL: Do not click links or open attachments unless you know
>> the content is safe
>>
>> martin.burnicki@meinberg.de said:
>>> I remember some years ago when Windows XP/Server 2003 was current,
>>> the dumb SNTP client (w32time) shipped with that Windows versions
>>> sent "peer" requests to the NTP server by default,
>>
>> Thanks.  Pool servers are still seeing that.  That's the tiny bump on the tail that I mentioned.  It's ballpark of 1/2% of the NTPv1 requests.
>>
>> Do you know what that version of w32time requires for the Mode in a response?
>> Will it accept Server?
>>
>> If nothing else, we need to make a list of the types of v1 requests that are being sent and the responses they need.
>>
>>> Since SNTP basically uses the same packet format as NTP, in my
>>> opinion the real S(imple) attribute refers to the way the packet
>>> exchange is evaluated at the client side.
>>
>>> I've seen implementations where the client didn't even try to
>>> compensate the network delay, and just used the server's transmission
>>> time stamp to adjust the client time. Probably because the
>>> programmers though that the resulting accuracy id "good enough".
>>
>> Right.  If all you need is within a second or two, it may not be worthwhile to do that admittedly tiny extra calculation.  It's just a couple more lines of code to maintain.
>>
>> I was thinking that we need a section on clocks and networks so people can decide how complicated they need to make their "simple" client and/or how often they need to poll.
>>
>> ------
>>
>> Speaking of cruft...  :)
>>
>> I'm seeing a few v3 and v4 packets with Broadcast Mode.  Anybody know who who/what is doing that?  Some of it looks like real traffic: 64 second polling, LOCL in the RefID, mostly 0s, looks like a time in the transmit slot.
>>
>>
>>
>> --
>> These are my opinions.  I hate spam.
>>
>>
>>
>> _______________________________________________
>> ntp mailing list
>> ntp@ietf.org
>> https://www.ietf.org/mailman/listinfo/ntp
>>
>> _______________________________________________
>> ntp mailing list
>> ntp@ietf.org
>> https://www.ietf.org/mailman/listinfo/ntp
>>
> 
> --
> Harlan Stenn <stenn@nwtime.org>
> http://networktimefoundation.org - be a member!
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

-- 
Harlan Stenn <stenn@nwtime.org>
http://networktimefoundation.org - be a member!

v2.23.0 | Report a Bug | By Email