[ntp:questions] Re: Public servers?

David L. Mills mills at udel.edu
Thu Jul 31 14:36:29 UTC 2003


Time,

I find your statement "If any of these routers are bothered by 300 
packets per second, they have many other problems." absolutely mind 
warping. This is normal flux for the NIST and USNO routers and our own 
servers. The NIST and USNO folks really have no way to throttle the flux 
without getting Congress and the stock brokers mad at them, but we 
campus types are much more ugly when it comes to abusing priviledge.

We do have some NTP servers running web browsers as well and in these 
cases have a very strict NTP access policy as specified in the public 
lists. One of these servers happens to be a TrueTime NTS-200, which as 
in all such boxes has an integrated web server. If you wiretap those 
servers without handing down the access policy in the public lists, we 
must consider you evil.

There are a number of defense mechanisms in ntpd as you may know, 
including access controls, kiss-o'-death, call gapping, etc., some of 
which are even effective against the boobs who lobby 256-packet bursts 
within one second. The number and variety of these gangsters are growing 
alarmingly fast.

As the result of the U Wisconsin incident, RFC-2030 is under revision 
right now and a draft has been circulated for comment. Your comments 
about what should be in the public lists and on the web are well meaning 
and we will do something about that.

We have discussed the casual configuration issues many times in the NTP 
developers group and come to no comfortable conclusion about scripts 
like yours that discover ad hoc NTP servers. Best advice I have is to 
not use those things at all and rely on pool.ntp.org to do the right thing.

Let me expand on our pool.ntp.org experience. Right now it requires two 
steps. The first is to do a DNS lookup on pool.ntp.org, craft a 
configuration file with all 20 servers so revealed and then start up 
NTP. After a few minutes NTP has found the best 3 or 4 servers and 
continues with them. The next step is to whittle down the configuration 
file to just those servers. Works gangbusters. Of course, the steps 
could be automated with due incisions in the NTP source code. At the 
moment, this is a little messy, since the configuration code is 
smothered in weeds. It may even be possible to do these steps with a 
script without changing the source code. Volunteers needed.

Dave

Tim Hogard wrote:

> David L. Mills (mills at udel.edu) wrote:
> : Tim,
> : 
> : I'm not sure we should be having this discussion. I make no claims 
> : whatsoever about the public lists other than to put up whatever folks 
> : send me without any checking whatsoever. Life is too short. I do insist, 
> : quite radically in fact, that the access conditions be really and truly 
> : respected, having been victim myself of folks who have violated them on 
> : our time servers for 17 years (sic!).
> : 
> : If you have an alternate scheme other than the public lists and 
> : pool.ntp.org, it should be posted on the web at www.ntp.org. The twenty 
> : volunteer servers returned from a DNS query to pool.ntp.org have agreed 
> : to open access and are scattered all over the world.
> I'm working on that.  I've been in contact with someone else.
> 
> : Your scheme should be useful in other cases, as long as the servers have 
> : agreed to open access. Remember, open access can lead to (and has in 
> : several cases) to over 300 packets per second and in one case (U 
> : Wisconsin) several thousand packets per second. This is why our primary 
> : servers have serious access restrictions and draconion traffic shaping. 
> : I do not in any way want those servers to be accidently discovered 
> : without access restrictions being very visible and respected.
> I generate a different list for everyone that hits the server.   The
> only way its going to "discover" a limited access stratum one or
> two server is if you run a web browser on that server.  All it does
> it ask nearby routers for the time using an NTP version 1 packet.
> If any of these routers are bothered by 300 packets per second,
> they have many other problems.
> 
> I will change the wording on the output page a bit.
> 
> I am well aware of the problem with the stratum 1/2 servers and them
> being overloaded (including the recent issue at csiro).
> 
> The problem I'm tring to solve is people hear about NTP, and think
> it would be good not to set their clocks again.  The go to google and
> find your page about NTP servers.  They figure they are a little
> unimportaint site and set things up to talk to a stratum 1 server wihout
> asking.  Sometimes they even put the IP address into a device and
> then ship a few hundred thousand.  Thats what we both want to stop.
> 
> You also have the people who figure stratum two is ok but stratum
> 1 must be better.  After reading "In most cases the accuracy of the
> NTP secondary (stratum 2) servers is only slightly degraded relative
> to the primary servers and, as a group, the secondary servers may
> be just as reliable.", they are more likly to use a stratum 1 server.
> Degraded time and lower reliabilityto the average person means the
> clocks could be minutes slow as opposed to miliseconds off.
> 
> I've had that discussion with someone before.  In the end I convinced
> him that he should find a stratum 3 because the stratum 1 servers
> were for radio telescopes and scientist and in general sent more
> zero bits to his server than the stratum 3 server would.  He was
> looking for something to reset his clock every hour and had no
> business using a stratum one server.  I wrote the script after that
> because I got tired of explainging traceroute and ntpdate.
> 
> I would like to see your page have some wording along the lines of:
> If your tring to sync your pc network so that the time is within a
> second or so, please consider looking here for a server with a link
> to pool.ntp.org.
> 
> I would also think it would be a good idea to put the wording like
> "Do no use any of these as default servers in software package or
> hardware device without first contacting the server operator and
> obtaining permission"
> 
> I'm now off to add more words of warning to my script...
> 
> -tim
> http://web.abnormal.com




More information about the questions mailing list