[ntp:questions] Re: status of multicast

David L. Mills mills at udel.edu
Mon Nov 29 02:21:53 UTC 2004


Dale,

I imagine you are using symmetric key cryptography, so you only need to 
authenticate once. In public key cryptography the keys are refreshed 
once per day as the server rolls a new cookie. The client certainly does 
use a unicast path, as that's how it can determine the broadcast delay, 
in your case probably 270 ms. I don't know why it volleys with the 
server on every broadcast received. It was not designed to do that and 
doesn't do that here. The volley packet interval is two seconds. I trust 
your unicast roundtrip delay is less than that. I'd tell you to light up 
the lastest tarball, but the latest tarball has defective IPv4 multicast.

Dave

Dale Schultz wrote:
> Hi:
> I was one of those people that made several inquires about multicast 
> mode.  My application is in a hybrid satellite network, where the 
> multicast packets are sent over the satellite link and received through 
> a DVB card (sat0) in the remote server.  When the remote server 
> authenticates it does so with the unicast address of the server over a 
> point-to-point (eth0) terrestrial link.  The odd behavior I typically 
> see is that ALL the remote servers will attempt to authenticate at every 
> multicast interval.  This does not scale well with 8000 remote servers.  
> What I'd love to see is an initial authentication exchange and then the 
> remote servers shut up and listen to the multicast signal and never 
> authenticate again unless they've restarted or the signal has been lost 
> for an extended period of time.
> I'd be more than will to test any new code in this environment if it can 
> be made to work efficiently, no authentication storms.
> 
> Thanks. Dale
> 
> Harlan Stenn wrote:
> 
>> Compiling is not the issue.
>>
>> It's running it that counts, and then if there is a problem the most
>> help would be to be able to debug the problem and then even propose a 
>> patch.
>>
>> H
>> -- 
>> In article <co8hru$8sl$1 at reader2.nmix.net>,
>> james edwards <jamesh at cybermesa.com> wrote:
>>
>>>> It would be great if anybody else who was familiar with multicast 
>>>> was able
>>>> to pitch in.
>>>>
>>>> H
>>>
>>>
>>> If it would be of help I can compile ntpd from the dev tarball and 
>>> test it
>>> on my networks.
>>> Let me know or otherwise i will wait from the production tarball to come
>>> out.
>>>
>>> james




More information about the questions mailing list