[ntp:questions] (Software) timeserver for windows being broadcast-able incl. keys

Tom Smith smith at cag.zko.hp.com
Sun Mar 18 05:09:04 UTC 2007


Danny Mayer wrote:
> Tom Smith wrote:
>> Erik wrote:
>>> On 15 mrt, 17:21, Tom Smith <s... at cag.zko.hp.com> wrote:
>>>>> broadcast 145.47.51.127 key 1
>>>>> broadcast 145.47.51.255 key 1
>>>>> broadcast 145.47.52.127 key 1
>>>>> broadcast 145.47.53.127 key 1
>>>> That's the right idea, but the second one above already
>>>> includes the first.
>>>>
>>>> Your network configuration seems a little strange.
>>>> What is the address and netmask of your server (or
>>>> the addresses and netmasks if it has multiple interfaces)?
>>>> You should probably just broadcast to whatever subnet(s)
>>>> it is on. You need one broadcast statement for each
>>>> interface on the server.
>>>>
>>> Hi Tom
>>>
>>> There is one network card in the server that connects to the network
>>> and has access to the network segments mentioned above.
>>> The IP-data of this server (PC) is (ipconfig-output):
>>>
>>> IP-adres . . . . . . . . . . . . . . .: 145.47.54.146
>>> Subnetmask . . . . . . . . . . . .: 255.255.255.128
>>> Standaardgateway . . . . . . . .: 145.47.54.129
>>>
>>> Does this answer your question?
>> Yes. That answers the question. With that configuration,
>> in order to reach any of the clients, the packets that the
>> server sends will have to be routed and cannot (usually) be
>> broadcast. The server can (usually) only broadcast to its
>> own subnet(s).
>>
>> That said, there are, of course, exceptions. I believe
>> that if the subnets are, in fact, all on the same VLAN,
>> you may be able to send a broadcast addressed to a
>> network wider than the subnet defined by the server's
>> netmask to any other network on the VLAN. In that case,
>> you could use the single broadcast address 145.47.63.255
>> to reach all of your clients. It might work and it might not.
>>
>> The second exception is if your routers are configured
>> to route broadcast messages beyond the subnet
>> on which they originate. In that case, you could again
>> use the single broadcast address 145.47.63.255 or
>> the 3 individual broadcast addresses (2 through 4 in
>> your list). Again, it might or might not work in your
>> existing network configuration.
>>
>> What will work, without question, is not using
>> broadcast in the first place. You will have to work
>> with the company who supplied your systems to fix
>> the problem. You should continue this discussion
>> with them. This is really no longer about NTP.
>> It is about your network design.
>>
>> -Tom
> 
> This is beginning to sound like he should be using Multicast rather than
> Broadcast. It's a lot more controllable and directable to do what he needs.
> 
> Danny

Unfortunately, Erik seems to be between a rock and a hard place.
He can't change the clients, which have all been configured as
broadcast clients, but the current network design and server
configuration won't support broadcast unless another unusual
condition is also present - single VLAN or routed broadcast packets.

He can change the server - address(es)/netmask(s), maybe add NICs -
and maybe he can change the router configuration. What he can't
change at the moment is the clients, so he's stuck with trying
to find a broadcast solution that hits 4 different subnets of
different sizes.

I'm sure Erik would rather be doing something else by now. :-)

-Tom
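
The subnet arithmetic behind this thread, as an added example that is not part of the original messages: it takes the server address and netmask from the ipconfig output and the four posted broadcast targets, checks which targets fall inside the server's own subnet, and finds the narrowest network for which a given address is the broadcast address. The function names are hypothetical, and the client subnets' real netmasks are not given in the thread, so the second function only reports what the addresses themselves imply.

```python
import ipaddress

# Values taken from the thread: the server's ipconfig output and the four
# "broadcast ... key 1" targets from the posted configuration.
SERVER = ipaddress.ip_interface("145.47.54.146/255.255.255.128")
TARGETS = ["145.47.51.127", "145.47.51.255", "145.47.52.127", "145.47.53.127"]


def on_link(targets, iface=SERVER):
    """Map each target to True if it lies inside the server's own subnet."""
    return {t: ipaddress.ip_address(t) in iface.network for t in targets}


def narrowest_covering_network(bcast, must_contain):
    """Return the longest-prefix network whose broadcast address is `bcast`
    and which contains every address in `must_contain`, or None if no
    prefix length satisfies both conditions."""
    b = ipaddress.ip_address(bcast)
    hosts = [ipaddress.ip_address(h) for h in must_contain]
    for prefix in range(30, -1, -1):
        net = ipaddress.ip_network(f"{b}/{prefix}", strict=False)
        if net.broadcast_address == b and all(h in net for h in hosts):
            return net
    return None


if __name__ == "__main__":
    print("server subnet   :", SERVER.network)
    print("local broadcast :", SERVER.network.broadcast_address)
    for target, local in on_link(TARGETS).items():
        print(f"{target:15} on server subnet: {local}")
    # Does the second broadcast target cover the first one?
    print("51.255 covering 51.127:",
          narrowest_covering_network("145.47.51.255", ["145.47.51.127"]))
    # Network for which 145.47.63.255 is the broadcast address and which
    # holds the server plus all four targets.
    everyone = TARGETS + [str(SERVER.ip)]
    print("63.255 covering all   :",
          narrowest_covering_network("145.47.63.255", everyone))
```

None of the four targets is on the server's 145.47.54.128/25 subnet, which is why the packets would have to be routed rather than broadcast locally.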
