[ntp:questions] Unauthenticated Broadcast Client Drops Authenticated Server Packets.
Richard B. gilbert
rgilbert88 at comcast.net
Thu Mar 15 20:57:13 UTC 2007
Arul Kumar C wrote:
> Hi Experts,
>
> I have got a broadcast server that sends broadcast messages
> authenticated with MD5. There is a broadcast client that has no
> authentication enabled. The packets on the broadcast client is
> dropped due to authentication failure. Could you please let me know
> if this is the expected behaviour of the broadcast client in this
> scenario.
>
> Since the broadcast cleint is not interested in authentication, it
> could very well accept the packet from the server though the packet
> has MAC, right ?
>
> Please let me know if I miss anything here.
>
> Thanks,
> Arul Kumar C
>
Broadcast clients require authentication by default. So, yes, this is
the expected behavior. If the client does not require an authenticated
server, you can disable authentication. The reason is that ANYBODY with
the proper software can broadcast NTP packets on your network. Those
packets may have the correct time or they may not! If the time is not
correct youf clients may be off by anything from seconds to years!
More information about the questions
mailing list