[ntp:hackers] What does "interface listen wildcard" do?

Brian Utterback brian.utterback at oracle.com
Wed Jul 10 18:54:51 UTC 2013


On 7/9/2013 11:30 PM, Danny Mayer wrote:
> The short answer is "DON'T". The longer answer is that such packets 
> are not allowed to be forwarded by a router so you should use a 
> specific subnet specific address, e.g. 10.10.10.255 when using 
> broadcast mode. I think that we allowed the wildcard address for such 
> packets but it's not good news and interferes with configuring 
> specific addresses. Danny

I find that position completely untenable.

1. This used to work.
2. Users expect it to work.
3. I know of no network "best practice" or other document that even 
hints that one should use directed broadcasts in preference to 
undirected broadcasts. They each have specific uses and cannot replace 
one another.
4. I know of at least one major router vendor whose NTP implementation 
does not allow the admin to set the broadcast address used by the router for 
broadcast packets.
5. I know of at least one major router vendor whose routers 
automatically convert directed broadcasts passing through the router 
into undirected broadcasts when the specified sub-net is reached.
6. The creation of subnetting was specifically designed so that the 
applications do not need to know the subnet masks of the adjacent 
sub-nets. Using directed broadcasts violates this principle and will 
probably break many configurations of virtual networking, certainly 
those using the routers I mentioned in point 5.

On a related but mostly independent note:

I think we made a big mistake in 2004, extending the usage of the system 
of binding all of the interfaces as documented in bug 314, instead of 
trying to eliminate it. At the time I was concerned about how prevalent 
IP_PKTINFO was, particularly since it wasn't available in Solaris. But I 
think it is now available in most platforms. Other than the single issue 
of whether or not it is a supported part of all of our supported 
platforms, there is no other argument against using IP_PKTINFO 
documented in bug 314 that I think has held up nine years on.

I argued against the introduction of the "interface listen" keywords 
exactly because I thought it would make it harder to adopt IP_PKTINFO, 
because by that point I was convinced that it was the right way forward, 
and I still think so.  POSIX adopted IP_PKTINFO precisely to eliminate 
the need to bind to all interfaces. However, I no longer think that the 
"interface listen" configurations are actually an impediment. I would 
certainly love to see the ntp_io.c code refactored to use IP_PKTINFO.

Brian Utterback

