[ntp:hackers] Use MSG_CONFIRM flag to keep OS ARP table up to date?
todd glassey
tglassey at earthlink.net
Thu May 10 17:56:25 UTC 2012
On 5/8/2012 1:35 PM, Brian Utterback wrote:
> On 5/8/2012 6:09 AM, Heiko Gerstung wrote:
>> If there is a router in between, there is no problem. And I would
>> expect that if I receive an NTP response from a host with
>> a specific IP/MAC, I should reply to that IP/MAC and if my own ARP
>> table entry is "wrong", it needs to be corrected.
>
> It is absolutely incorrect to assume that the response packet should be
> sent to the same MAC address that was in the source of the request
> packet. The system should never update the ARP table based on an
> incoming packet. It may be the case that it would be okay in many cases.
> but it definitely is not okay in all of them and it is not possible for
> the server to detect the difference.
Which is why this all has to be defined in a policy-centric time
synchronization practice which provides proper evidence of time transfer.
Todd
>
> Brian Utterback
> _______________________________________________
> hackers mailing list
> hackers at lists.ntp.org
> http://lists.ntp.org/listinfo/hackers
>
--
Todd S. Glassey
This is from my personal email account and any materials from this
account come with personal disclaimers.
Further I OPT OUT of any and all commercial emailings.
More information about the hackers
mailing list