[ntp:questions] 1 Machine, 2 NICs, 2 Instances of ntpd; Possible?
mayer at ntp.isc.org
Sat Mar 15 01:45:01 UTC 2008
Maarten Wiltink wrote:
> "Steve Kostecke" <kostecke at ntp.org> wrote in message
> news:slrnftdkhp.knr.kostecke at stasis.kostecke.net...
>> Currently NTP uses port 123/UDP for both the source and destination
>> port. What you are proposing would require the use of a different source
>> port to work on a single-homed host. This would result in a DOS when
>> polling a server that enforces the NTP port.
> I'm no IP wizard, but isn't there a SO_REUSEPORT flag or something
> like that?
Yes, but you cannot have two different applications *listening* on the
same address/port at the same time without major problems.
> Anyway, I frankly doubt that requiring a specific source port is
> still a good thing. Dit it ever accomplish anything above testing
> that the sender has root on the remote machine? By now, it mostly
> serves to chase off innocent NATted clients.
There is actually nothing wrong with sending queries on a different port
except that you now have twice as many interfaces to listen on and manage.
>> Another thing to consider is the fact that you would now have two
>> processes which both require high priority access to the system clock.
> I can see how that would be a party killer. But the current, monolithic
> NTP can't discipline the clock and answer polls at the exact same time,
That doesn't matter. Having two different processes is more expense CPU
and performance-wise than a single server doing both. I have also
pounded an NTP server (trying to reproduce a bug) and the server barely
notices the load. My system certainly didn't.
The obvious choice would be to give the client part priority
> over the server part. Things might actually get *better*.
No it would be worse since you now have two processes competing with
each other for system resources instead of just one, not to mention your
having to manage it.
> At thirty-
> seven, all I have left is the questionable sideline-based wisdom to
> see room for improvement.
I'm much older than you then and I can still do it.
More information about the questions