[ntp:questions] Re: abuse or bug ?
David L. Mills
mills at udel.edu
Fri Jan 28 18:23:16 UTC 2005
David,
The broken Netgear implementation described in the paper cited works the
way described in Henk's message; that is, sends at one-second intervals
to unreachable servers. The stock ntpd backs off to 1,024 s and does not
send bursts to unreachable servers.
Dave
David Schwartz wrote:
> "Henk P. Penning" <henkp at cs.uu.nl> wrote in message
> news:Pine.GSO.4.44.0501270856030.14692-100000 at castor.cs.uu.nl...
>
>
>> it has been noted that some clients poll time servers at
>> a rate of 1 packet per second, for an unlimited period.
>
>
> Yep.
>
>
>> Is this a bug in the standard ntpd software
>
>
> Nobody has yet found the standard ntpd software to do this, as far as I
> know, you are the first to report it.
>
>
>>or
>> abuse by bad software or badly configured clients ?
>
>
> So it seems.
>
>
>> The example below make me think it is a bug.
>>
>> client : 129.105.100.183 (in cs.northwestern.edu)
>> hardware : Sun, SunBlade 150
>> operating system :
>> Linux gandalf 2.4.26-sparc-r2 #14 Wed Sep 22 15:27:12 CDT 2004 sparc64
>> sun4u TI UltraSparc IIe (Hummingbird) GNU/Linux
>> ntp : ntp 4.2.0-r2
>> config :
>> server pool.ntp.org
>> driftfile /var/lib/ntp/ntp.drift
>> restrict default notrust nomodify
>> restrict 127.0.0.1
>
>
> These 'restrict' lines will likely stop the server from being reachable.
>
>
>> It has sent 438851 packets in the last 129.3 hours to 'ntp.cs.uu.nl'.
>> The client says the server is unreachable.
>
>
> How confident are you in this number? It definitely seems strange. NTP
> should not poll a non-responding server more than once every 64 seconds.
>
>
>> There may well be a problem with the client's ntpd config
>> or the clients network setup ; the interesting thing is that
>> standard ntpd software with a 'normal config', running on
>> of-the-shelf hardware, can show the undesired behaviour.
>
>
> That is very strange.
>
> DS
>
>
More information about the questions
mailing list