[ntp:hackers] Fw: Internet delays affecting NTP timing - feature or bug?
mlichvar at redhat.com
Mon May 27 14:30:12 UTC 2019
On Sun, May 26, 2019 at 09:46:40AM -0000, Peter Martinez wrote:
> > I am fairly sure that this isn't a bug in my software, and I am fairly
> > sure it's not in the affected servers. It seems to be "out there" in
> > the big wide internet. If I am right, then this will affect NTP
> > accuracy. I could ask the question "how is it that some part of an
> > internet route can introduce a spurious delay to a packet of data which
> > is triggered by the content of the packet?". Is it a feature or a bug?
> > If it's a bug, can it be fixed? NTP will be better if it can be fixed.
This is an interesting observation. How big is the difference in the
measured offset and delay? And do you see a difference in UDP
traceroute when using source port 123?
I did a quick test with a hundred of servers from my location and
didn't see anything obvious. (I was looking for a difference of at
least 10 milliseconds.)
However, there is a known issue with same networks that seem to limit
rate of all NTP packets on their borders, presumably to limit/avoid
amplification attacks using mode 6/7. This is a problem for some
public NTP servers. NTP responses are dropped, but packets using a
different source port on the same path are not.
More information about the hackers