Recent NTP pool traffic increase
Kurt Roeckx
kurt at roeckx.be
Sun Dec 18 11:36:49 UTC 2016
On Sat, Dec 17, 2016 at 07:03:16PM -0800, Gary E. Miller wrote:
> Yo All!
>
> On Sat, 17 Dec 2016 17:56:32 -0800
> "Gary E. Miller" <gem at rellim.com> wrote:
>
> > # tcpdump -nvvi eth0 port 123 |grep "Originator - Transmit Timestamp:"
> >
> > And I do indeed get odd results. Some on my local network...
>
> To follow up on this. The weirdness is just what chronyd has done
> since before version 2.2. Chronyd gets 'clever' when it fills in
> the data fields of an NTP packet.
>
> The RFC says a clients sends a server a packet with its current time in
> the 'Transmit Timestamp'. Chronyd instead puts in a random number. The
> server does not care, it just parrots back that timestamp back as the
> 'Originator Timestamp', plus the time the server received that packet,
> and the time it replied to the packet.
>
> The client uses 'Orignator Timestamp' as an index to lookup when it
> really sent the request, and then does the usual math with the real send
> time.
>
> So, red herring, back to the mystery hunt.
>
> Unless someone thinks this 'cleverness' is worth implementing in ntpsec.
I think openntpd might be doing something like that too.
That of course breaks if you try to do symmetric synchronization.
Kurt
More information about the devel
mailing list