IETF Logo Mail Archive

Re: [Ntp] Antw: [EXT] Re: I-D Action: draft-ietf-ntp-using-nts-for-ntp-27.txt

Ragnar Sundblad <ragge@netnod.se> Fri, 27 March 2020 07:53 UTC

Return-Path: <ragge@netnod.se>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DE2E3A09A9 for <ntp@ietfa.amsl.com>; Fri, 27 Mar 2020 00:53:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=netnod-se.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pL4jws1sUWj6 for <ntp@ietfa.amsl.com>; Fri, 27 Mar 2020 00:53:55 -0700 (PDT)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 533F53A0F1E for <ntp@ietf.org>; Fri, 27 Mar 2020 00:53:55 -0700 (PDT)
Received: by mail-lf1-x129.google.com with SMTP id v4so7033233lfo.12 for <ntp@ietf.org>; Fri, 27 Mar 2020 00:53:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netnod-se.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZBhO9iCISSRM/83tlFQAEqKlcvQEdCArsvdXAuEqQEM=; b=WWvw6hKjWwbIWW3bGOiLweJOoER/Wml1OGBR5zJ6kU31utyWHcqcczGQa0lBOdLuAe MhL2UJFskmw2g+fL7kAdfcyB62mYEtOqQO2fGcl62waOLsepuFZ5/UdkiCZTyzkNs+JW RUSq0zCSN/ocRv1tBGv+btOyQPHMac1wDqsM8QeHBCnHF9EnX/H7+5HsirwKiU0NIoNI 84lB7irZHyvfHjueCb2C8xA25U0jANwAqvlDaFspYAqHcrNYHXa40cALpJJhGDBvZ2K3 EafwjTHRbUdVy8vfrlc8uwDpbfeysCy95/1vwWg177KkumEaLaqUxT8O+qA+dJSxqzoq Nx5w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZBhO9iCISSRM/83tlFQAEqKlcvQEdCArsvdXAuEqQEM=; b=mm+o/NJq2Bh2w+UQfFvgRr39j4HWkAah9LJEQisXpkmuLD/8U7c9cDk9yyZfZxadXW 5+0A0+L/eIKIHSfTjMzLIHfrm2t0KOfBaUMYOeki7Dv2+9an4/ClnfDjJZKNk6eGO6gq crmya9ykPqPyCvLbR17La7d16xERAMLrkq8CdBfmVUmyaq8WuT8bsPnURYhr4CZmjSmq GcU6Zh0jkh3ni9yW4XYs1sAhsUN6p0z1K83BBpE0WXaWT4stGoIOs2sufKZAiCn/p7Sd gkVx2H6P/6xC9wgDiBYsn8MOrfoZiO9sybRij5wfDpRtM7q51JQUPFiMAQllGdEzA8h0 9waA==
X-Gm-Message-State: ANhLgQ3fKwW7gMoEC65WIC5t6SlsSMB8Xmsn4/GTU4+M/XYmNLqpiPqQ ULBz/Q4cp49K8nTx/j9HH3K34Q==
X-Google-Smtp-Source: ADFU+vseLmfeV8mUtzg1J5Ay1j+apeLyTvarIcmBQeEEc3YPyQJpYVw9iWLi9wonXZdMUGBrOE3QyA==
X-Received: by 2002:ac2:41d3:: with SMTP id d19mr8448488lfi.57.1585295633518; Fri, 27 Mar 2020 00:53:53 -0700 (PDT)
Received: from [10.0.1.14] (h-122-211.A530.priv.bahnhof.se. [213.80.122.211]) by smtp.gmail.com with ESMTPSA id 3sm2686650ljq.18.2020.03.27.00.53.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 27 Mar 2020 00:53:52 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\))
From: Ragnar Sundblad <ragge@netnod.se>
In-Reply-To: <5E7DAC3D020000A100037F73@gwsmtp.uni-regensburg.de>
Date: Fri, 27 Mar 2020 08:53:51 +0100
Cc: "ntp@ietf.org" <ntp@ietf.org>, mlichvar@redhat.com
Content-Transfer-Encoding: quoted-printable
Message-Id: <486E02C0-73F9-4689-A360-66768514CBFE@netnod.se>
References: <158507294813.11622.18159158243943940302@ietfa.amsl.com> <20200325115834.GC25803@localhost> <74B1B8F5-5762-4AB1-B3F2-D5AC2BC325C1@netnod.se> <20200325145956.GF25803@localhost> <400E7210-ABB7-48F7-B52D-A69A96968255@netnod.se> <20200326095602.GB9039@localhost> <842BEA8F-35F7-41B7-8FEC-30515F88A60D@netnod.se> <20200326113745.GC9039@localhost> <97BDCE6D-205D-4727-A585-602AD141B245@netnod.se> <5022_1585231330_5E7CB5E2_5022_507_1_20200326140143.GD9039@localhost> <5E7DAC3D020000A100037F73@gwsmtp.uni-regensburg.de>
To: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
X-Mailer: Apple Mail (2.3608.80.23.2.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/pc3Ab2DgfiIoBiPVWvZJn4kawx8>
Subject: Re: [Ntp] Antw: [EXT] Re: I-D Action: draft-ietf-ntp-using-nts-for-ntp-27.txt
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Mar 2020 07:54:07 -0000


> On 27 Mar 2020, at 08:33, Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> wrote:
> 
>>>> Miroslav Lichvar <mlichvar@redhat.com> schrieb am 26.03.2020 um 15:01 in
> Nachricht
> <5022_1585231330_5E7CB5E2_5022_507_1_20200326140143.GD9039@localhost>:
>> On Thu, Mar 26, 2020 at 02:01:16PM +0100, Ragnar Sundblad wrote:
>>> Oh, so you think there is a risk that both the KE negotiation works
>>> and at least one NTP requests works, and soon thereafter the
>>> connection breaks, frequently?
>>> I am not sure why that would happen very often, but if it did, there
>>> Should at least be 8 NTP requests (until the client has exhausted its
>>> cookies) until it contacts the KE server again.
>> 
>> Rate limiting of NTP packets in some networks is a major issue, which
> 
> Maybe the next NTP specification should talk about the QoS bits.

I heard this story about a larger networking equipment company that had
some internal bandwidth problems (quite surprisingly, but I suppose
there was a good reason), so they started to use QoS internally, and
priorities e.g. VoIP traffic to not have them break up.
Since most of the employees were networking savvy, of course they
started to run all their traffic from their own machines with highest
possible priority. When they all did that, they were back where they
had started.

I think it is hard to make QoS work in anything but extremely
controlled environments.

>> was discussed on this list. I sometimes see over 90% packet loss. The
>> client would need to reuse cookies to operate reasonably well in such
>> conditions. I agree the 8 polling intervals from NTP helps here
>> (assuming the interval is not reset to the minimum after NTS-KE and
>> it's not using a burst).
>> 
>>>> No, clients may switch between servers when they become unreachable
>>>> (e.g. due to rate limiting). I see this often with my mini-pool of NTS
>>>> servers.
>>> 
>>> Oh really, I didn’t know. So chrony does that? (Nice!)
>> 
>> I think most NTP and SNTP clients do that.
> 
> Specifically Manycast and Pool configurations work like that.

You are right, of course!

>>>> Well, as I said above, there are many reasons why NTS-KE or NTS-NTP
>>>> may be consistently failing. For example, an ISP may have a firewall
>>>> that blocks large NTP packets. NTS-KE will work as expected, but
>>>> no NTS-NTP reply will be ever received, so the clients will be
>>>> constantly restarting NTS-KE. If the clients were restarted once per
>>>> day and used the 1024*2^(n - 1) retry interval I suggested, the number
>>>> of NTS-KE requests would drop to 30%.
>>> 
>>> Ok - in this case too, there should be 8 NTP requests before it contacts
>>> the KE server again, and it will increase the retry interval each time
>>> since it has not completed a full cycle of getting cookies and succeeded
>>> in using them.
>> 
>> You are right. Good point. Maybe a bug or incompatibility between
>> different implementations would be a better example.
>> 
>> -- 
>> Miroslav Lichvar
>> 
>> _______________________________________________
>> ntp mailing list
>> ntp@ietf.org 
>> https://www.ietf.org/mailman/listinfo/ntp 
> 
> 
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp

Best,

Ragnar

v2.23.0 | Report a Bug | By Email