[ntp:questions] Re: server's address in ntp payload?

David Schwartz davids at webmaster.com
Wed Nov 23 20:11:33 UTC 2005


"Brian Utterback" <brian.utterback at sun.removeme.com> wrote in message 
news:4384C69A.7090003 at sun.removeme.com...

> David Schwartz wrote:

>>     I think if you can make the argument that the source address doesn't 
>> have to match the destination of the query, you can equally well argue 
>> that the destination address doesn't have to match the source of the 
>> query. ;)
>>
>>     Or, to put it another way, as soon as you layer a request/reply 
>> protocol on top of UDP, the default presumption would be that the reply 
>> MUST have the same source as the query's destination and vice-versa.

> Completely false. Neither RFC 1123 "Requirements for Internet Hosts"
> nor RFC 768 "User Datagram Protocol" make any such requirement. RFC 1123
> does say that a UDP "SHOULD" be returned with the same source address
> as the original destination address, but explicitly does not make that
> a "MUST".

    The definition of "SHOULD" is "there may exist valid reasons in 
particular circumstances to ignore this item, but the full implications 
should be understood and the case carefully weighed before choosing a 
different course". Remember that RFC 1123 is not addressing any particular 
request/response protocol. If it said "MUST", it would be impossible for 
particular protocols to override it, which would make no sense at all.

    I am saying the default presumption is that it must be that way but that 
particular protocols can override it. That's effectively what SHOULD means 
in a general description -- done that way unless the specifics of some 
particular case justify doing otherwise.

> Further, description of the API for use with UDP in RFC 768
> lists the ability to determine the source address of a packet, but does
> not list any such ability for the destination, which would be necessary
> to accomplish this. The fact that this ability was not listed
> and indeed not included in any UDP API until relatively recently should
> tell you something about the requirement.

    The description of what API where? RFC 768 contains no API description.

> As I have said before, most UDP protocols are designed to handle this
> problem. Only UDP protocols that deal with network control and topology
> generally have cared about the destination address. The system I am
> using has 356 listening UDP ports open right now, and exactly
> 3 of those have bound all the interfaces: bootps, snmp, and NTP.  Every
> one of the others either does not care or has another mechanism for
> handling it, like XIDs. The bootps/DHCP and SNMP need to know the
> destination address in order for them to respond with the proper answers,
> which is to say the answer is different depending on the destination
> address of the request. What is NTP's excuse?

    What is NTP's excuse for what?

> I would further point out that none of these are bound to all addresses
> in order to prevent port hijacking.

    I don't see the relevance.

    DS
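The exchange above turns on two things: whether a wildcard-bound UDP server can even learn which local address a query was sent to, and whether a client should insist that the reply come back from that address. The following is an added example, not code from either poster or from the NTP project. It assumes Linux, where the IP_PKTINFO socket option (ip(7)) delivers the destination address of each incoming datagram as ancillary data and, on send, lets the server pick the source address of its reply; the struct layout, the constant value 8 used as a fallback, and every function name below are this example's own.

```python
import socket
import struct
import threading

# Assumed Linux layout of struct in_pktinfo (ip(7)):
#   int ipi_ifindex; struct in_addr ipi_spec_dst; struct in_addr ipi_addr;
# ipi_addr is the destination address of a received datagram; ipi_spec_dst
# is the local address to send from. IP_PKTINFO is 8 on Linux; that value is
# used as a fallback if this Python build's socket module does not export it.
IN_PKTINFO_FMT = "=i4s4s"
IN_PKTINFO_LEN = struct.calcsize(IN_PKTINFO_FMT)   # 12 bytes
IP_PKTINFO = getattr(socket, "IP_PKTINFO", 8)


def parse_pktinfo(ancdata):
    """Return (ifindex, destination address) from recvmsg() ancillary data, or None."""
    for level, ctype, data in ancdata:
        if level == socket.IPPROTO_IP and ctype == IP_PKTINFO and len(data) >= IN_PKTINFO_LEN:
            ifindex, _spec_dst, dst = struct.unpack(IN_PKTINFO_FMT, data[:IN_PKTINFO_LEN])
            return ifindex, socket.inet_ntoa(dst)
    return None


def build_pktinfo(src_addr, ifindex=0):
    """Ancillary data telling sendmsg() to use src_addr (ipi_spec_dst) as the source."""
    payload = struct.pack(IN_PKTINFO_FMT, ifindex, socket.inet_aton(src_addr), b"\x00" * 4)
    return [(socket.IPPROTO_IP, IP_PKTINFO, payload)]


def serve_one(sock):
    """Answer one query, replying from the address the query was sent to; returns it."""
    data, ancdata, _flags, peer = sock.recvmsg(1024, socket.CMSG_SPACE(IN_PKTINFO_LEN))
    info = parse_pktinfo(ancdata)
    if info is None:
        raise RuntimeError("kernel did not attach IP_PKTINFO to the datagram")
    ifindex, queried_addr = info
    # Reply from the very address the client queried, as RFC 1123's SHOULD asks.
    sock.sendmsg([b"reply:" + data], build_pktinfo(queried_addr, ifindex), 0, peer)
    return queried_addr


def reply_is_from_queried_address(queried, reply_src):
    """Client-side check: accept a reply only if its source equals the query's destination."""
    return queried[0] == reply_src[0] and queried[1] == reply_src[1]


def demo_loopback():
    """Run a wildcard-bound server and a client over 127.0.0.1; True if the check passes."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.setsockopt(socket.IPPROTO_IP, IP_PKTINFO, 1)   # ask for destination info
    srv.bind(("0.0.0.0", 0))                           # bind all interfaces, ephemeral port
    target = ("127.0.0.1", srv.getsockname()[1])
    worker = threading.Thread(target=serve_one, args=(srv,))
    worker.start()
    cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    cli.settimeout(2.0)
    cli.sendto(b"ping", target)
    _reply, src = cli.recvfrom(1024)
    worker.join()
    srv.close()
    cli.close()
    return reply_is_from_queried_address(target, src)


if __name__ == "__main__":
    print("reply came from the queried address:", demo_loopback())
```

A server that binds the wildcard address but replies without the pktinfo step lets the kernel choose the reply's source by routing table, which on a multihomed host need not be the address the client asked; a client applying reply_is_from_queried_address() would then drop the answer, and a stateful firewall or NAT in the path would usually drop it first.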