[ntp:questions] symmetric active while configurion uses server mode, RFC compliant or not?

Joe the Shmoe news at edrusb.is-a-geek.org
Sun May 19 09:28:47 UTC 2013


On 18/05/2013 20:10, Brian Utterback wrote:
> On 5/18/2013 3:14 AM, Joe the Shmoe wrote:
[...]
> 
> This is non-intuitive and arguably incorrect according to the RFC, but
> it is the programmed behavior.  There was a time when all Windows
> clients used symmetric active mode, so to work around that ntpd with
> nopeer configured responded with symmetric active mode packets but did
> not mobilize the association. I don't know if they still use symmetric
> active by default. Perhaps this should be revisited.

Thank you for your explanations. I now understand the reason. Having
made some tests after my question here, there is effectively a
difference with a real symmetric passive which is shown by the 'peer'
command of ntpdc or ntpq (= an association is mobilized?), while here
hopefully that sort of "faked symmetric" exchanges on network side, do
not show with that same command. I guess, one cannot introduce false
time information to my server that way, if for example, the "symmetric
client" spoofs a stratum 1 server.

> 
>>
>> - Other symmetric active requests come from the server itself toward one
>> of the 5 configured hosts. But the server only makes use of "server" in
>> the configuration (no "peer" statement). This occurs after a first NTP
>> client request to that configured host which get answered by two NTP
>> server from the configured host.
> 
> Can you post the traces? I am not sure I follow.

An extract of such NTP exchanges (wireshark capture) is available at:
	ftp host: edrusb.is-a-geek.org
	login: nobody
	password: ntp


> 
> Brian.

Regards,
Joe.



More information about the questions mailing list