IETF Logo Mail Archive

Re: [Ntp] comments on draft-mlichvar-ntp-ntpv5-03 / Extension fields

Miroslav Lichvar <mlichvar@redhat.com> Wed, 01 December 2021 11:13 UTC

Return-Path: <mlichvar@redhat.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 21EB93A0124 for <ntp@ietfa.amsl.com>; Wed, 1 Dec 2021 03:13:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.802
X-Spam-Level:
X-Spam-Status: No, score=-2.802 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.701, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fApFxkDh0mGW for <ntp@ietfa.amsl.com>; Wed, 1 Dec 2021 03:13:41 -0800 (PST)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EAF63A0121 for <ntp@ietf.org>; Wed, 1 Dec 2021 03:13:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1638357219; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=4XOTGCeXTBWCvWCn1zoXFjaQWX6dzgUI7sXXnADRQRw=; b=ZAmo8woo4RpXXTFHU04BXHlWkCyFdEzZuzSNZXSaYQEGkDnrmt/jzqfrCAxInUIB+TaI93 KachF8L3Q8LhaNyCZtP0UWZxgelMF4xmhmMk4nglSSsxG7O0DJhk8BwH7roWJsSeB2E8L7 DnH2rFYfq+SQk7umW+yzc7qBtY2uEig=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-252--Dxi0C6xMd-x_1hRxN3k-w-1; Wed, 01 Dec 2021 06:13:37 -0500
X-MC-Unique: -Dxi0C6xMd-x_1hRxN3k-w-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4814A81CCB4 for <ntp@ietf.org>; Wed, 1 Dec 2021 11:13:36 +0000 (UTC)
Received: from localhost (holly.tpb.lab.eng.brq.redhat.com [10.43.134.11]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C349679448 for <ntp@ietf.org>; Wed, 1 Dec 2021 11:13:35 +0000 (UTC)
Date: Wed, 01 Dec 2021 12:13:23 +0100
From: Miroslav Lichvar <mlichvar@redhat.com>
To: ntp@ietf.org
Message-ID: <YadY00rmMDu3ya+r@localhost>
References: <20211123131501.Horde.ErUH7VWw3Nr2PFkAGzGIEuI@mail.drown.org> <20211125214748.Horde.K2Fa5qir5iPLYRvfQJBMx8m@mail.drown.org> <20211126214820.Horde.ErbRZcjuVf-yEn55FGUhEZP@mail.drown.org> <YaSkKrfdgJmOfKyJ@localhost> <20211129230401.Horde.bPTyNTr6teU3hrkyheUmwk6@mail.drown.org>
MIME-Version: 1.0
In-Reply-To: <20211129230401.Horde.bPTyNTr6teU3hrkyheUmwk6@mail.drown.org>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mlichvar@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/lcJaRpsTSEQ7JHcBUd8NJqhT3TI>
Subject: Re: [Ntp] comments on draft-mlichvar-ntp-ntpv5-03 / Extension fields
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Dec 2021 11:13:46 -0000

On Mon, Nov 29, 2021 at 11:04:01PM -0600, Dan Drown wrote:
> Taking an embedded NTP server with a 100M ethernet link for example, my
> concern is that adding 24 bytes reduces maximum packets per second from
> 109.6kpps to 90.6kpps (17%). The number of NTP servers on a 100M link doing
> near maximum packet rate is probably a short list, but it is a tradeoff to
> consider. I don't really have a set acceptable size and I am open to
> increasing the size by some amount for this functionality.

I guess a more common problem (at least for public servers) is traffic
cost, which may scale linearly with the packet length.

NTS tripled the packet size and I don't remember many complaints about
that. It could do better in that aspect, e.g. the unique ID is not
really necessary when TX timestamps are fully randomized, but I
understand people wanted it to be independent.

> I agree that only NTP servers would need to care about loop prevention. So
> that would help the average packet size needed given a mix of clients and
> downstream servers.

I guess on public servers this extension would have only a minimal
impact. Of course it would depend on how it was implemented in the
clients, whether the client that had server functionality had it
disabled by default (if it could actually be disabled).

> > As you pointed out, it should be even much larger if we want a lower
> > false positive rate. But it doesn't have to be transmitted all at
> > once. The client could get it in multiple parts over multiple requests
> > (e.g. 4 or 8). This would add a delay to the loop detection.
> 
> I'd be worried about keeping that data in sync between systems. Having a
> "generation" identifier would be one option to handle that. If we went that
> route, why not just have static IDs for each stratum instead of a bloom
> filter?

Wouldn't this be limited to a chain of IDs, assuming only one server
per stratum?

The idea for NTPv5 was to detect loops over all servers used for
synchronization, including those that are not the best selected source
(e.g. marked with the + symbol instead of *). It is a graph of
servers.

The bloom filter was proposed by Daniel Franke in his NTPv5 sketch:
https://gist.github.com/dfoxfranke/4ca0443b6ff6e0473578cf3827b9ea7f

I liked the idea and put it in my draft as it should be much more
efficient than distributing the whole draft.

-- 
Miroslav Lichvar

v2.23.0 | Report a Bug | By Email