[ntp:questions] Re: abuse or bug ?

David L. Mills mills at udel.edu
Fri Jan 28 18:23:16 UTC 2005


David,

The broken Netgear implementation described in the paper cited works the 
way described in Henk's message; that is, sends at one-second intervals 
to unreachable servers. The stock ntpd backs off to 1,024 s and does not 
send bursts to unreachable servers.

Dave

David Schwartz wrote:

> "Henk P. Penning" <henkp at cs.uu.nl> wrote in message 
> news:Pine.GSO.4.44.0501270856030.14692-100000 at castor.cs.uu.nl...
> 
> 
>> it has been noted that some clients poll time servers at
>> a rate of 1 packet per second, for an unlimited period.
> 
> 
>     Yep.
> 
> 
>> Is this a bug in the standard ntpd software
> 
> 
>     Nobody has yet found the standard ntpd software to do this, as far as I 
> know, you are the first to report it.
> 
> 
>>or
>> abuse by bad software or badly configured clients ?
> 
> 
>     So it seems.
> 
> 
>> The example below make me think it is a bug.
>>
>> client   : 129.105.100.183 (in cs.northwestern.edu)
>> hardware : Sun, SunBlade 150
>> operating system :
>>   Linux gandalf 2.4.26-sparc-r2 #14 Wed Sep 22 15:27:12 CDT 2004 sparc64
>>   sun4u TI UltraSparc IIe (Hummingbird) GNU/Linux
>> ntp      : ntp  4.2.0-r2
>> config :
>>   server pool.ntp.org
>>   driftfile       /var/lib/ntp/ntp.drift
>>   restrict default notrust nomodify
>>   restrict 127.0.0.1
> 
> 
>     These 'restrict' lines will likely stop the server from being reachable.
> 
> 
>> It has sent 438851 packets in the last 129.3 hours to 'ntp.cs.uu.nl'.
>> The client says the server is unreachable.
> 
> 
>     How confident are you in this number? It definitely seems strange. NTP 
> should not poll a non-responding server more than once every 64 seconds.
> 
> 
>> There may well be a problem with the client's ntpd config
>> or the clients network setup ; the interesting thing is that
>> standard ntpd software with a 'normal config', running on
>> of-the-shelf hardware, can show the undesired behaviour.
> 
> 
>     That is very strange.
> 
>     DS
> 
> 



More information about the questions mailing list