[ntp:hackers] What does "interface listen wildcard" do?
brian.utterback at oracle.com
Wed Jul 10 18:54:51 UTC 2013
On 7/9/2013 11:30 PM, Danny Mayer wrote:
> The short answer is "DON'T". The longer answer is that such packets
> are not allowed to be forwarded by a router so you should use a
> specific subnet specific address, e.g. 10.10.10.255 when using
> broadcast mode. I think that we allowed the wildcard address for such
> packets but it's not good news and interferes with configuring
> specific addresses.
> Danny
I find that position completely untenable.
1. This used to work.
2. Users expect it to work.
3. I know of no network "best practice" or other document that even
hints that one should use directed broadcasts in preference to
undirected broadcasts. They each have specific uses and cannot replace
4. I know of at least one major router vendor whose NTP implementation
does not allow the admin to set the broadcast address used by router for
5. I know of at least one major router vendor whose routers
automatically convert directed broadcasts passing through the router
into undirected broadcasts when the specified sub-net is reached.
6. The creation of subnetting was specifically designed so that the
applications do not need to know the subnet masks of the adjacent
sub-nets. Using directed broadcasts violates this principle and will
probably break many configurations of virtual networking, certainly
those using routers I mentioned in point 5.
On a related but mostly independent note:
I think we made a big mistake in 2004, extending the usage of the system
of binding all of the interfaces as documented in bug 314, instead of
trying to eliminate it. At the time I was concerned about how prevalent
IP_PKTINFO was, particularly since it wasn't available in Solaris. But I
think it is now available in most platforms. Other than the single issue
of whether or not it is a supported part of all of our supported
platforms, there is no other argument against using IP_PKTINFO
documented in bug 314 that I think has held up nine years on.
I argued against the introduction of the "interface listen" keywords
exactly because I thought it would make it harder to adopt IP_PKTINFO,
because by that point I was convinced that it was the right way forward,
and I still think so. POSIX adopted IP_PKTINFO precisely to eliminate
the need to bind to all interfaces. However, I no longer think that the
"interface listen" configurations are actually an impediment. I would
certainly love to see the ntp_io.c code refactored to use IP_PKTINFO.
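
The IP_PKTINFO approach discussed in this message, as an added example that is not part of the original post and is not ntpd's ntp_io.c code: a single wildcard-bound UDP socket that recovers each datagram's destination address and arrival interface from ancillary data, so a per-address listen policy can be applied, and broadcast told apart from unicast, without one socket per interface. It assumes Linux with glibc; the function names are hypothetical.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* glibc declares struct in_pktinfo under this */
#endif
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* One wildcard socket instead of one bound socket per interface address. */
int open_wildcard_udp(unsigned short port)
{
    int on = 1, fd = socket(AF_INET, SOCK_DGRAM, 0);
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(port) };
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    if (fd < 0) return -1;
    if (setsockopt(fd, IPPROTO_IP, IP_PKTINFO, &on, sizeof on) < 0 ||
        bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0) { close(fd); return -1; }
    return fd;
}

/* Find the IP_PKTINFO record; 0 on success, -1 if the kernel attached none. */
int pktinfo_lookup(struct msghdr *mh, struct in_addr *dst, int *ifindex)
{
    for (struct cmsghdr *c = CMSG_FIRSTHDR(mh); c; c = CMSG_NXTHDR(mh, c)) {
        if (c->cmsg_level != IPPROTO_IP || c->cmsg_type != IP_PKTINFO ||
            c->cmsg_len < CMSG_LEN(sizeof(struct in_pktinfo))) continue;
        struct in_pktinfo pi;
        memcpy(&pi, CMSG_DATA(c), sizeof pi);   /* cmsg payload may be unaligned */
        *dst = pi.ipi_addr;                     /* destination from the IP header */
        *ifindex = pi.ipi_ifindex;              /* interface the packet arrived on */
        return 0;
    }
    return -1;
}

/* Receive one datagram plus the address it was sent to; -1 if that is unknown. */
ssize_t recv_with_dst(int fd, void *buf, size_t len, struct sockaddr_in *src,
                      struct in_addr *dst, int *ifindex)
{
    union { char buf[CMSG_SPACE(sizeof(struct in_pktinfo))]; struct cmsghdr a; } ctl;
    struct iovec iov = { .iov_base = buf, .iov_len = len };
    struct msghdr mh = { .msg_name = src, .msg_namelen = sizeof *src,
                         .msg_iov = &iov, .msg_iovlen = 1,
                         .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    ssize_t n = recvmsg(fd, &mh, 0);
    if (n < 0 || (mh.msg_flags & MSG_CTRUNC) || pktinfo_lookup(&mh, dst, ifindex) < 0)
        return -1;
    return n;
}
```

A caller compares the returned `dst` with `htonl(INADDR_BROADCAST)` to recognise an undirected broadcast, and checks `ifindex` against its configured listen list before processing the packet.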