[ntp:questions] Re: Can you test my server please.

Danny Mayer mayer at gis.net
Thu Dec 2 17:39:59 UTC 2004


david at djwhome.demon.co.uk (David Woolley) wrote in message news:<T1101933766 at djwhome.demon.co.uk>...
> In article <3a2a0492.0411301449.faa83a9 at posting.google.com>,
> mayer at gis.net (Danny Mayer) wrote:
> 
> > pool if it requires client authentication. In any case the NTP
> > authentication is NOT a function of the IP addresses. The MAC
> > section of the NTP packet is what is used to transfer authentication
> > information.
> 
> It can't be true that the Media Access Control part of the packet is
> used in the authentication as that would be destroyed by the first
> IP router encountered.  Authentication wouldn't be an internet 
> protocol.
> 
> I think you have failed to realise that there is another meaning of
> MAC, Message Authentication Code, a sort of sophisticated check sum.
> 

I very specifically said the MAC in the NTP packet. It doesn't have
any meaning outside of NTP.

> Actually, I'm pretty sure that inclusion of the IP address in the
> calculation of the Message Authentication Code is why people have
> so many problems with dynamic IP addresses.

I think you are confused. Currently it's the server that fills in
the MAC and they should be using static addresses. The clients
currently are authenticating the server to make sure they are
receiving valid packets.

Danny



More information about the questions mailing list