Removing interleaved mode

Daniel Franke dfoxfranke at gmail.com
Wed Jul 6 14:08:19 UTC 2016 

With Eric's permission, I have removed support for interleaved mode in
my proto-refactor branch. Here is its commit-message eulogy:

    Interleaved mode was an invention intended to improve timekeeping
    precision in symmetric and broadcast mode. The problem it intended to
    solve is that transmit timestamps have to be written before the packet
    is sent, but right *after* the packet is sent, better information
    becomes available because you know exactly when the packet made it
    through the kernel and out onto the wire. So, the basic idea of
    interleaved mode was to dump that better value into the *next* packet,
    and have the peer follow along with that, always one packet behind.

    This is a problem that PTP is clearly better suited to solving, but
    interleaved mode still seems at least reasonable in theory. However,
    there are two big problems.

    First, interleaved mode adds a great deal of complexity to NTP's state
    machine. This led to at least one terrible vulnerability (CVE-2016-1548)
    which took two tries to fix (CVE-2016-4956), and probably indirectly
    led to a few others.

    Second, the implementation was flawed. "Drivestamps" were collected
    simply by calling get_systime() immediately after sendpkt() returned.
    However, on modern kernels, send() returns immediately unless the
    network buffer is full. So the timestamp that NTP was collecting had
    nothing to do with the time the packet actually went out, and was not
    any more accurate than the transmit timestamp obtained in basic mode.

    If interleaved mode ever provided a timekeeping improvement, there are
    two possible explanations for why. One possibility is that the Solaris
    boxen that Dave Mills tested it on had a simpler kernel networking
    stack, so the timestamp he was collecting was something closer to a
    true drivestamp. Another possibility is the presence of a simple bug:
    before the recent refactor of receive(), in every mode except
    interleaved mode, NTP was storing a transmit timestamp where a receive
    timestamp belonged. Interleaved mode may have been improving
    performance just by dodging this buggy code.

More information about the devel mailing list