IETF Logo Mail Archive

Re: [Ntp] NTPv5 and anycasting

Denis Reilly <Denis.Reilly@orolia.com> Thu, 03 December 2020 15:33 UTC

Return-Path: <Denis.Reilly@orolia.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 197603A0E60 for <ntp@ietfa.amsl.com>; Thu, 3 Dec 2020 07:33:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=orolia.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pWJD2uoILJPL for <ntp@ietfa.amsl.com>; Thu, 3 Dec 2020 07:32:57 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2082.outbound.protection.outlook.com [40.107.20.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 540DE3A0E3D for <ntp@ietf.org>; Thu, 3 Dec 2020 07:32:56 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WXnBKxI6IXTIg8+rUi3PIWj+RaDz3la/kbZcG9zbo+G9Rexw8dvTTEizZ1VkaXORtvNq0bL1ks+pDKAEHW+o8WGyEJj0t1Lt1mYXZj9Lmuuz8JuX4MHhzrxgPsrguojmQuoPxdHdJJylIXFoY+Vd7zbiWYBLmtMkXqNX2DKk07Dgr78VsICwg0nNbSebXwNakEAoy7x8bNhscSq/g59/cwHgViSbNkZ6NlFX6UR+nJ3ZoyEascJR6DfAwKLjcEhFmsZC+wgY+/ivr3lH22XJzb8SSqemagXnc0Cv7RKw2hqsiog9arbTBxLjoasxP3+73VIDyVulQC4XLr4JsuYUSw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UxMx2WAkfgC2bdebu9pm2BUuzWEctMLPLRNV4nCeEHI=; b=ho3lxaOxKM5Wr3hbZ672yM1i/DazM/JvikuZ03SY/B9yin1elpKaQLgUcrgKfbkI192E3jCadGoLk+jb04ZZx4AsYMaQ1yohO6itHaRuP/zC3P/HZVvfRMJaPWRDM5mtsVD48QcJE1RcrdeeMwG8jY7td7wCBDn2ud/WBtANRvfa50XLKef4Zjlk2Y9bFsxWI+nifnXpBhYmbHLc8XHFMQDmBD7Y/uwM2mezV84o2srPABDKwtwbxgcy6isqgEbsscyKZghtHaiiGDLxCNbS1F0bL4gUVtUSq5ZmueJl54TgqfHobNU0UbFUkC4Oad3ydx7jFVQI7IQbhyVhHu+11Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=orolia.com; dmarc=pass action=none header.from=orolia.com; dkim=pass header.d=orolia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orolia.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UxMx2WAkfgC2bdebu9pm2BUuzWEctMLPLRNV4nCeEHI=; b=J3OK9A0NbZmOZKclu52KReYiTCTLMS3/FAO2Qgyq6YwZwnDNWpp89CoYDKAkt39vmF6J5qVTzJJFnQD3whnvQHKozKNk8FJt43Mqw4JN7pDMCo/b8z9l1HfqbASkq/grPSYJR0b0a0VQy6/uJjR7o7zeqBockNy8xxLjRpT8iPw=
Received: from AM6PR06MB5430.eurprd06.prod.outlook.com (2603:10a6:20b:86::11) by AM6PR06MB5621.eurprd06.prod.outlook.com (2603:10a6:20b:2b::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.24; Thu, 3 Dec 2020 15:32:53 +0000
Received: from AM6PR06MB5430.eurprd06.prod.outlook.com ([fe80::145d:cbe0:62d2:128a]) by AM6PR06MB5430.eurprd06.prod.outlook.com ([fe80::145d:cbe0:62d2:128a%7]) with mapi id 15.20.3632.017; Thu, 3 Dec 2020 15:32:53 +0000
From: Denis Reilly <Denis.Reilly@orolia.com>
To: Paul Gear <ntp=40libertysys.com.au@dmarc.ietf.org>, "ntp@ietf.org" <ntp@ietf.org>, Philip Prindeville <philipp@redfish-solutions.com>
CC: "watsonbladd@gmail.com" <watsonbladd@gmail.com>
Thread-Topic: [Ntp] NTPv5 and anycasting
Thread-Index: AQHWyG3BribvEPmraUa4v/E0gHlBbanjc9OAgACiEYCAAD/jAIABJ8uQ
Date: Thu, 03 Dec 2020 15:32:53 +0000
Message-ID: <AM6PR06MB5430034818B4F2B193F472CFFFF20@AM6PR06MB5430.eurprd06.prod.outlook.com>
References: <F2AD65AD-3403-486E-AEF9-3EF07F88A7FF@redfish-solutions.com> <20201202080839.GO1900232@localhost> <6CAE44A6-41A6-4516-8CD1-217C87C28E47@redfish-solutions.com> <e316ffcf-91e1-1e95-b905-76e63200cba2@libertysys.com.au>
In-Reply-To: <e316ffcf-91e1-1e95-b905-76e63200cba2@libertysys.com.au>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=orolia.com;
x-originating-ip: [2604:6000:1000:e00a:94a3:a361:a68:ad10]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 00400b18-7beb-4007-a548-08d897a0b399
x-ms-traffictypediagnostic: AM6PR06MB5621:
x-microsoft-antispam-prvs: <AM6PR06MB5621205A307AD01DBE37E1BBFFF20@AM6PR06MB5621.eurprd06.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Me//GxrseRdY79hzf7ZWn3rjlyO02CJkUT0WV0aZZb+NKdqyF9DDZbfFzn+2fTX2BVy4cqHvMnroptqTfZM0CAUTsOivf5u6YxvQ4Lnf+QWUHleaF+/8XtK7zSaZpql425iasdA8V/6UsZLN2Jn1vxI2kISzqQkvWAvU6g+BUgXTzhVaL+oxKgCsRQkavcw+H/6+cb+kmXfanxCr41TqVWPdqLHygJhJqxHReg0YMNPpWm3qaNo2t5ybZkain5yBnR0sEouKL70igo5tjeb2Ef9pvg9usOs5e0qAmpOJqvL5UGoE2mIyI4C3zXa+xAL/
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR06MB5430.eurprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(396003)(39850400004)(366004)(346002)(2906002)(9686003)(66574015)(316002)(8676002)(64756008)(55016002)(66476007)(76116006)(8936002)(66946007)(52536014)(66446008)(83380400001)(33656002)(5660300002)(110136005)(4326008)(66556008)(6506007)(71200400001)(7696005)(478600001)(186003)(53546011)(86362001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: jLODIxCY34fsET0VgulwDL7f/Rtj08y+9owJsROyo0o2L+PHE5MBo4aUDtsO/DUkfbswgrwLKRhjZyesd+EvPNWnXjjpJVG3rAVdJr5ViV10kt2eaepV2dR5woKVDbT+XoqfTtxnqHse44FNEpBwN6wH0BuVFihLwIn385WcE0GC4MJLQQ92lJf9vqITLQm0zAoBD6qAed5f86QEi8TM/Cx8DTtZMGeeljrfVPSeZNdQlcjBxPnzmb1MdBJAVgiuucsjU2b6Y7xyIWyrFBpbZfVcVbzb1/35R6vaf1tmlDiqwGvLaLcdt3fp5WFY5OQXe94ecbxdN5gtsK/b0LNdmpOecFB3/wyN78P7LZQK1Cre9YCBtc453LdQFg57f9Z3D+XLUnIRY2FUeUh+q2N3qQ5WUJ9GWbfMkYnW4caxqphffKgtcF07Et3bjsRE+P/veh4v2J6/xLmeC4s6Ne4fP13rHIYPYMCsOXRxAKV6nuO34seTAni3iQaF63AFC0eiHKoMAleQBZHawPfN/7VI6x1/N2yD0QvJF8HZf+r1b5ONuCAQLe1p3EiAoskMVKX/7Yco5sY5mZk7X+f7FjVf8J5A81Z0CeHNdWsR/iD2lLIb23EJlPn5F2FY2uIBKxkXyhFTCrgyaP6muXfd/ruCXCm4yIjj9NI+EMkA/dTRkZGulgARtVUHWTBXUaLEddp+3OiOdn4RTenoYVT2uoqp8hKfMyd2ec4BK6AcLU+FDVy0F/ZnoLWa4Fq/Ib5MDNBm5EpV7b60GQ5Te3gWcgf8iuZHIPPElw5oL0B9e1h57JhUUpGKaluIom/NouEGBXMUycSCRRwvayB08osUNPhkDz+zjkupZhQ3CfteEDIeycLzkKupbz0z5VuP+N8fJz2721UyNN0pL+WIXKDr+K+35BAKAaB84im92NSyAWaS6NcDbgOmUTF23Iad6R07z/W+w0ky3oEZEUo4IDyje53QqAyoGAJZY3k3eQdp4iToAyzZXJUs48luI2BcKYmhhNlTiykLTguZa2Mr/UchaRHG2GhqxHHdN2GluvmAJ4Jll4E=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_AM6PR06MB5430034818B4F2B193F472CFFFF20AM6PR06MB5430eurp_"
MIME-Version: 1.0
X-OriginatorOrg: orolia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM6PR06MB5430.eurprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 00400b18-7beb-4007-a548-08d897a0b399
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Dec 2020 15:32:53.5668 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a263030c-9c1b-421f-9471-1dec0b29c664
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: GUoC8/XYTorSa+36Xlnf34s0AG5+THR02fHhhfieYwBeIrvM9KThyh1gDvclpDj03snARCUABaBCH77s+nNTsw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR06MB5621
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/-rPe9H-AdsN3NZtPWG_o9p8qwLY>
Subject: Re: [Ntp] NTPv5 and anycasting
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2020 15:33:00 -0000

Hello Paul and Philip (and Watson):

The intent behind adding NTP over anycast to the BCP was to document a mode of operation that many network operators are already using. In my experience, it has its main value in Paul’s scenario 2. And when a network operator uses it on its corporate WAN, they need to understand that their choice will not lead to optimal time transfer, particularly when the network changes which server a client is talking to without that client’s knowledge. Perhaps that doesn’t happen often enough to cause concern? Ultimately, it is up to the operator to determine what their synchronization requirement is. Their application may be able to tolerate the slop when Anycast association changes, and so making configuration easier is worth the tradeoff.

This can also be accomplished via DNS, as you note, but I do know that there are some organization who prefer their anycast setup.

While I was composing this, Watson provided his reply, with much more relevant detail than I could have provided.

Best Regards,

--
Denis Reilly  |  Technical Lead  |  denis.reilly@orolia.com<mailto:denis.reilly@orolia.com>  (585)321-5837<tel:(585)%20321-5837>

From: ntp <ntp-bounces@ietf.org> On Behalf Of Paul Gear
Sent: Wednesday, December 02, 2020 4:37 PM
To: ntp@ietf.org
Subject: Re: [Ntp] NTPv5 and anycasting


CAUTION: This email originated from outside of the organization.
Do not click links or open attachments unless you recognize the sender and know the content is safe.
On 3/12/20 3:48 am, Philip Prindeville wrote:

On Dec 2, 2020, at 1:08 AM, Miroslav Lichvar <mlichvar@redhat.com><mailto:mlichvar@redhat.com> wrote:



On Tue, Dec 01, 2020 at 10:41:01PM -0700, Philip Prindeville wrote:

Sorry if this has been discussed already, but do we want to have a specific prohibition against the use of anycasting with NTPv5?



I can’t see the point in sending packets non-deterministically to one of possibly many servers with different clock values, RTT’s, etc.



There is a section on anycast in the NTP BCP document. It can be

useful. I don't see a reason why NTPv5 specifically should prohibit

use of anycast.







What’s the scenario where non-determinism is a good thing?

Hi Philip,

I agree, and I'm curious to hear Miroslav's answer to this as well.

I can think of two scenarios where anycast might be useful, but neither is really non-deterministic under normal conditions:

  1.  Public services where the same well-known IP (or set of IPs) is anycast simultaneously from geographically dispersed locations and only moves when its prefix is withdrawn from BGP due to maintenance or faults.  (Similar to the various DNS services from Cloudflare, Google, etc.)  I would argue that the existing DNS-based public pool is a better solution than this for most use cases.
  2.  A corporate WAN where clients are configured with a single NTP server IP, which is anycast from the local branch router.  My argument against using anycast here would be that an internal DNS pool is simpler and more robust, but I can see some organisations wanting to use anycast due to a mix of platform limitations, management software, and available skills.

I think RFC8633 section 7 was rather too gentle in its downplaying of anycast, and would support wording stating that anycast SHOULD not be used with NTP.  Of course, that's not really within scope of Miroslav's v5 proposal.

Regards,
Paul

v2.23.0 | Report a Bug | By Email