Re: [Ntp] How many clients does a busy PTP server support?

Doug Arnold <doug.arnold@meinberg-usa.com> Tue, 01 June 2021 23:36 UTC

From: Doug Arnold <doug.arnold@meinberg-usa.com>
To: Hal Murray <halmurray+ietf@sonic.net>, "ntp@ietf.org" <ntp@ietf.org>
CC: Hal Murray <halmurray+ietf@sonic.net>
Date: Tue, 01 Jun 2021 23:36:11 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/e4ofcRLoQ-FoNL8nPk8BZ8OTBpA>

Good question, Hal.

For multicast, or mixed multicast/unicast profiles, a group key approach makes the most sense.  This is what is proposed in draft-langer-ntp-nts-for-ptp-01<https://datatracker.ietf.org/doc/draft-langer-ntp-nts-for-ptp/>.  However, even in this case much of the terminology and structure is borrowed from NTS for NTP.

In the case of unicast PTP, which in practice is always negotiated, a PTP server can have thousands of clients, so it makes sense to use the ticket mechanism of draft-langer-ntp-nts-for-ptp-01<https://datatracker.ietf.org/doc/draft-langer-ntp-nts-for-ptp/> or the approach of draft-gerstung-nts4uptp-02<https://datatracker.ietf.org/doc/draft-gerstung-nts4uptp/>, both of which are similar to NTS for NTP.

Lastly, from a development cost perspective, it is desirable to make NTS for PTP as much like NTS for PTP as possible.  This will also be helpful to network operators who have to maintain secure versions of NTP and PTP.

Doug




From: ntp <ntp-bounces@ietf.org> on behalf of Hal Murray <halmurray+ietf@sonic.net>
Date: Tuesday, June 1, 2021 at 6:54 PM
To: ntp@ietf.org <ntp@ietf.org>
Cc: Hal Murray <halmurray+ietf@sonic.net>
Subject: [Ntp] How many clients does a busy PTP server support?

Most of NTS4NTP is dancing around the lack of per-client state on the server.

If PTP servers only support a "small" number of clients and PTP already has a
mechanism using shared keys, it might be simpler to just use TLS/whatever to
set up keys.

If it takes 100 bytes for a server to store a key, that's 10K clients per
megabyte.  Raspberry Pi-s come with gigabytes so the numbers seem worth
further investigation.

Does the PTP shared key stuff cover all the problems?  (or enough of them to
be interesting)


--
These are my opinions.  I hate spam.


