[ntp:hackers] What does "interface listen wildcard" do?
brian.utterback at oracle.com
Wed Jul 10 19:01:20 UTC 2013
On 7/10/2013 2:54 PM, Brian Utterback wrote:
> On 7/9/2013 11:30 PM, Danny Mayer wrote:
>> The short answer is "DON'T". The longer answer is that such packets
>> are not allowed to be forwarded by a router so you should use a
>> specific subnet specific address, e.g. 10.10.10.255 when using
>> broadcast mode. I think that we allowed the wildcard address for such
>> packets but it's not good news and interferes with configuring
>> specific addresses. Danny
> I find that position completely untenable.
> 1. This used to work.
> 2. Users expect it to work.
> 3. I know of no network "best practice" or other document that even
> hints that one should used directed broadcasts in preference to
> undirected broadcasts. They each have specific uses and cannot replace
> one another.
> 4. I know of at least one major router vendor whose NTP implementation
> does not allow the admin to set the broadcast address used by router
> for broadcast packets.
> 5. I know of at least one major router vendor whose routers
> automatically convert directed broadcasts passing through the router
> into undirected broadcasts when the specified sub-net is reached.
> 6. The creation of subnetting was specifically designed so that the
> applications do not need to know the subnet masks of the adjacent
> sub-nets. Using directed broadcasts violates this principle and will
> probably break many configurations of virtual networking, certainly
> those using routers I mentioned in point 5.
7. In the most common case, wanting NTP broadcast packets to be sent
out of all interfaces, the admin needs to know the sub-nets and
interface addresses for all interfaces on the system when editing the
ntp.conf file. Ig directed broadcasts are used, then I would argue that
"broadcast" without an address should be taken to mean that ntpd should
calculate the directed broadcast address for each interface and use
that. Customers hate having unnecessary customizations.
More information about the hackers