IETF Logo Mail Archive

[Ntp] Antw: [EXT] Re: NTPv5 Loop Detection without Stratum ‑ Why do we want this?

Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> Mon, 19 September 2022 07:54 UTC

Return-Path: <Ulrich.Windl@rz.uni-regensburg.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45B5EC157B36 for <ntp@ietfa.amsl.com>; Mon, 19 Sep 2022 00:54:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.907
X-Spam-Level:
X-Spam-Status: No, score=-6.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id onWbn1fqySk6 for <ntp@ietfa.amsl.com>; Mon, 19 Sep 2022 00:54:37 -0700 (PDT)
Received: from mx2.uni-regensburg.de (mx2.uni-regensburg.de [IPv6:2001:638:a05:137:165:0:3:bdf8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40F44C157B3B for <ntp@ietf.org>; Mon, 19 Sep 2022 00:54:36 -0700 (PDT)
Received: from mx2.uni-regensburg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id C359A6000051 for <ntp@ietf.org>; Mon, 19 Sep 2022 09:54:30 +0200 (CEST)
Received: from gwsmtp.uni-regensburg.de (gwsmtp1.uni-regensburg.de [132.199.5.51]) by mx2.uni-regensburg.de (Postfix) with ESMTP id 926A9600004E for <ntp@ietf.org>; Mon, 19 Sep 2022 09:54:30 +0200 (CEST)
Received: from uni-regensburg-smtp1-MTA by gwsmtp.uni-regensburg.de with Novell_GroupWise; Mon, 19 Sep 2022 09:54:30 +0200
Message-Id: <63282034020000A10004DE56@gwsmtp.uni-regensburg.de>
X-Mailer: Novell GroupWise Internet Agent 18.4.1
Date: Mon, 19 Sep 2022 09:54:28 +0200
From: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
To: mayer@pdmconsulting.net, mlichvar@redhat.com
Cc: heiko.gerstung=40meinberg.de@dmarc.ietf.org, kristof.teichel=40ptb.de@dmarc.ietf.org, "ntp@ietf.org" <ntp@ietf.org>
References: <DA1F1664-8A84-4197-844A-CA7E8DAA36B8@meinberg.de> <OF43150191.DABAA331-ONC12588B5.00362DC0-C12588B5.003861AF@ptb.de> <YxckOm2+TD3tTPN4@localhost> <7d7f0656-2fd2-b781-4913-526a4be8cb62@pdmconsulting.net> <Yxg4Cba58hI/aPKw@localhost> <aba44bbc-2204-735e-daff-a29a59dac9da@pdmconsulting.net> <YxmKlSVTzOQah/nc@localhost> <10b1b402-9386-4fb3-4297-38d31bdc5c96@pdmconsulting.net> <Yx8I6sTGKTLKJr8c@localhost> <796c33e6-02dc-0665-c8a2-a143f9100bdd@pdmconsulting.net> <Yygb4pt5JdyIszWU@localhost>
In-Reply-To: <Yygb4pt5JdyIszWU@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/oHkGIHOhDrEnGLCvZBlpeGo1nl8>
Subject: [Ntp] Antw: [EXT] Re: NTPv5 Loop Detection without Stratum ‑ Why do we want this?
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2022 07:54:41 -0000

>>> Miroslav Lichvar <mlichvar@redhat.com> schrieb am 19.09.2022 um 09:36 in
Nachricht <Yygb4pt5JdyIszWU@localhost>:
> On Sun, Sep 18, 2022 at 12:07:50PM ‑0400, Danny Mayer wrote:
>> NTP looks at the selected candidates and chooses what it considers the
best
>> at that time. Only one source is the chosen system which as you note is
>> marked as the one with the asterisk (*). You can only find that out with
>> ntpq (mode 6) queries. That becomes the reference ID for any downstream
NTP
>> servers. I'm not sure what you are trying to point out.
> 
> The discussion started about synchronization loops and how can they be
> detected and prevented. It's still in the subject.
> 
> An NTP client selects multiple sources for synchronization (in ntpq
> marked as * and +). Loops can be happen over the * source and also the
> + sources.

Page 39 of NTPv4 spec says:
   The cluster algorithm selects one of the survivors as the system
   peer.  The associated statistics (theta, delta, epsilon, jitter, t)
   are used to construct the system variables inherited by dependent
   servers and clients and made available to other applications running
   on the same machine.

That reads as if only the system peer data ("associated statistics") affects
the data being sent out.

Page 45:
   (...)  The first entry on the list represents
   the system peer; its variables are used later to update the system
   variables.

> 
> You seem to be focused on the selection of the system peer (*), from
> which is inherited stratum and other things. You are right that there
> is only one system peer, but there are other sources which can form
> synchronization loops.

Page 9 says:
   (...)  The system offset (THETA) represents the
   maximum-likelihood offset estimate for the server population.  The
   system jitter (PSI) represents the nominal error in estimating the
   system offset.
Page 45:
   (...)  The
   routine processes peer offset and jitter statistics to produce the
   combined system offset THETA and system peer jitter PSI_p, where each
   server statistic is weighted by the reciprocal of the root
   synchronization distance and the result normalized.

So all selected sources contribute to the offset and rootdisp. Seems like a
contradiction to the first quotes.


Regards,
Ulrich
> 
>> > > That's irrelevant. You are polling a server for time, what you do with
it
>> > > depends on the analysis done on the packets.
>> > Right. So can you explain where measurements made in symmetric mode
>> > are handled differently than in client/server mode? A pointer to the
>> > RFC or code is sufficient.
>> The NTP reference implementation does this.
> 
> I'm quite familiar with the "reference implementation", more than I'd
> like actually, but I have not seen what you are suggesting.
> 
> Can you please tell us in which file and on what line we can see that
> difference in handling of measurements made in client/server mode and
> symmetric mode?
> 
>> > In symmetric mode each packet is a request and response at the same
>> > time, i.e. the number of messages is halved when compared to two
>> > client/server associations.
>> No. See the source code.
> 
> Which file and line in the source code?
> 
>> > As the responses follow the polling interval and are not send
>> > immediately when the request is received, this makes the symmetric
>> > mode susceptible to replay attacks. In client/server mode each request
>> > has its own response, independently from the polling of the other
>> > client/server association.
>> Not true. You misunderstand how symmetric mode works.
> 
> Which part do you think I misunderstood?
> 
>> A stratum‑1 server that decides that it's reference clock is not reliable,
>> or unavailable, is no longer a stratum‑1 server, it's just a downstream
>> server from it's selected server and is a stratum lower than that server.
>> I'm not sure what your question is since it's very basic to NTP.
> 
> There was no question. I said clients of a stratum‑1 server with a
> poor reference clock would prefer another server, possibly with a
> higher stratum, i.e. stratum doesn't indicate accuracy. You said it
> would no longer be considered a stratum‑1 server. I disagree.
> 
> ‑‑ 
> Miroslav Lichvar
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org 
> https://www.ietf.org/mailman/listinfo/ntp

v2.23.0 | Report a Bug | By Email