NTS update

Gary E. Miller gem at rellim.com
Fri Mar 22 20:36:00 UTC 2019 

Yo Hal!

On Fri, 22 Mar 2019 13:30:48 -0700
Hal Murray via devel <devel at ntpsec.org> wrote:

> >> 2. A way to see both the NTS name/IP and matching NTPD name/IP  
> 
> 2019-03-22T12:55:52 ntpd[10362]: NTSc: nts_probe connecting to 
> pi3.rellim.com:123 => [2001:470:e815::23]:123
> 
> Is that enough?  (client side)

I'd rather not have to dig in the logs for an entry that may be weeks
old.  Once the cookies are passed, they get reused a long time.

It also tells me nothing about the NTPD part of the connection.

> There is a bug on the server side with the IPv6 printout.  I'm
> working on it, but no luck so far.  But that line has IP Address and
> port number.  No names needed on the server side.

I can live without names.

> > 2019-03-22T12:55:52 ntpd[10362]: NTSc: Got 8 cookies, length 104,
> > aead=15. 2019-03-22T12:55:52 ntpd[10362]: NTSc: NTS-KE req to
> > pi3.rellim.com took 0.028 sec, OK 2019-03-22T12:55:52 ntpd[10362]:
> > DNS: dns_check: processing pi3.rellim.com, 1, 21801
> > 2019-03-22T12:55:52 ntpd[10362]: DNS: Server skipping:
> > 2001:470:e815::23   
> 
> That "skipping" line is important.  It's trying to add the IP address
> to the peer struct for a server but some (other?) peer already exists
> with that address.

Uh, oh.  You mean I can't have both an NTS and a non-NTS connection to
the same address?  I want that to compare latency and jitter.  That
needs a very clear error message.

> Is that the first try or a retry?

I'm updating and restarting a lot, so those are all first tries.  Since it
gets the cookies, it has no need to retry.

>  If it's a retry, what happened on
> the first.  If it's the first, do you have another non-NTS server for
> that host?

I only run NTPsec.  Always up to date.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190322/0be48e34/attachment.bin>

More information about the devel mailing list