[ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Options for DHCPv6
Danny Mayer
mayer at ntp.org
Sat Nov 24 03:46:19 GMT 2007
David W. Hankins wrote:
> So it is possible that the community may strongly desire an otherwise
> unusual number of intermediaries between /etc/ntp.conf and the IPv4
> addresses they determine.
>

No, we don't want that, we want to ensure that we don't repeat the
mistake of hardware manufacturers (and for that matter software
developers) embedding fixed addresses in their implementations.

> So if the DHCP protocol field required RFC1035 syntax, an IPv4 address
> becomes an illegal configuration format, and that may be a desirable
> outcome to a segment of the operational community that is concerned
> with the historic stickiness of their IPv4 addresses, and the tendency
> to get sued for publishing one.
>

This is one of the problems that the NTP pool servers face. The pool DNS
servers pass out different addresses on a regular basis but the NTP
clients are hanging onto the addresses. One of my urgent projects is to
get at least the reference implementation of ntpd to do another DNS
lookup in case the NTP server is not responding after a specified number
of request packets don't get a response. Pool servers that get removed
from the pool are continuing to receive NTP request packets for a very
long time. We cannot do anything about third-party clients but we can
certainly have the reference implementation do the right thing. The new
pool configuration option is also helpful because it now makes use of
multiple IP addresses returned by the DNS lookup.

> I do not make a judgement at this time, but I would like to caution
> the NTP community that additional intermediaries will not necessarily
> correct bad behaviour. For example, putting your clock's location in
> DNS resolution into A/AAAA records does not mean a SOHO router
> manufacturer can not / will not resolve those addresses and then
> hard-code them into products.

Agreed.

> I would also like to suggest that some of these concerns may be
> mitigated by tracking Ralph Droms' recent 'container option' draft,
> wherein a SOHO router may dynamically receive from an 'upstream'
> DHCPv6 server the configuration values it should give 'downstream'
> DHCPv6 clients.
>

We'd have to figure out how to integrate that if we were to do that.

> I'm not aware of an equivalent for DHCPv4 however.
>
>
> So cautioned, I personally leave it up to the NTP community to
> prove to us exactly to what extent it is genuinely useful to have
> such intermediaries as DNS (or even DHCP, even if I consider that
> a given) involved.

DNS is required for the pool configuration option. IP addresses are
strongly discouraged from the server configuration option for the same
reasons. The only time I can see allowing DHCP provided IP addresses is
if those addresses are link-local or site-local. That way we'd guarantee
that they were not going to bombard a remote NTP server with requests.

Danny
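
A sketch of the two behaviours described in this message, added here as an example and not taken from ntpd or from the original post: re-resolving a server name after a run of unanswered requests, and accepting DHCP-supplied literal addresses only when they are link-local or site-local. The class and function names, the default threshold of 8, and the use of RFC 1918 ranges as the IPv4 counterpart of site-local are assumptions.

```python
import ipaddress
import socket

# Scopes the message would accept for DHCP-supplied literal addresses.
LOCAL_SCOPES = [ipaddress.ip_network(n) for n in (
    "fe80::/10",       # IPv6 link-local
    "fec0::/10",       # IPv6 site-local (deprecated by RFC 3879)
    "169.254.0.0/16",  # IPv4 link-local
    # Assumption: RFC 1918 space as the IPv4 stand-in for "site-local".
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
)]

def dhcp_address_allowed(text):
    """True if a DHCP-provided NTP server address is link-local or site-local."""
    addr = ipaddress.ip_address(text)
    return any(addr in net for net in LOCAL_SCOPES)

def system_resolver(hostname):
    """Resolve hostname to a sorted list of unique address strings (UDP/123)."""
    infos = socket.getaddrinfo(hostname, 123, type=socket.SOCK_DGRAM)
    return sorted({info[4][0] for info in infos})

class Association:
    """Tracks one configured server name and re-resolves it when it goes quiet."""

    def __init__(self, hostname, resolver=system_resolver, max_unanswered=8):
        self.hostname = hostname
        self.resolver = resolver
        self.max_unanswered = max_unanswered  # 8 is an assumed default
        self.unanswered = 0
        self.addresses = list(resolver(hostname))

    def on_response(self):
        """Any reply from the server clears the unanswered-request counter."""
        self.unanswered = 0

    def on_timeout(self):
        """Count an unanswered request; return True if the name was re-resolved."""
        self.unanswered += 1
        if self.unanswered < self.max_unanswered:
            return False
        self.unanswered = 0
        try:
            self.addresses = list(self.resolver(self.hostname))
        except OSError:
            return False  # lookup failed: keep the old addresses, retry later
        return True
```

Passing a resolver callable keeps the re-resolution logic testable without touching the network.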