[ntp:questions] unexpected multicast client operation

Danny Mayer mayer at ntp.isc.org
Fri Feb 23 01:47:28 UTC 2007


none wrote:
> Hi,
> 
> I am using the NTPD (v4.1 I think) that comes out of the box with RHEL 3

You should upgrade to 4.2.4 which fixes a lot of issues with
multicasting (released in 4.2.2, but 4.2.4 is the latest release).

> and I have multicast set up. What I am seeing confuses me though.
> Every time the server sends the multicast packet the client on the RHEL3
> machine does a client/server NTP transaction back to the server. Isn't the
> whole purpose of multicast so the clients just all listen and not talk to the server ?
> 

You need to understand what the default behavior of multicast is. By
default, when a multicast client receives a multicast packet, it sends a
return packet to the server sending the packet in order to authenticate
the multicast provider otherwise anyone can set up a multicast server
and send packets to anyone and have them being accepted. What you see is
the beginning of what Dave calls the key dance. During this process the
client and server act in client/server mode until the client is either
able to authenticate the server or able to reject it. Once authenticated
it will just accept the multicast packets. After a certain time period
it needs to reauthenticate the server. Note that an additional benefit
of all this is that it is able to get a measure of the offset of the
client from the server (via the roundtrip time for packets). The only
way that this will not happen is if the client disables authentication
and then you are at the mercy of whatever is sending you multicast
packets. You also have no idea what the offset is to the server.

> I dont have the server listed in the clients config so it is finding the
> server via the multicast message.
> 

Yes, it looks at the senders IP address and sends a client packet to it
with the authentication query.

Danny



More information about the questions mailing list