[ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Optionsfor DHCPv6

TS Glassey tglassey at earthlink.net
Mon Nov 26 00:48:03 GMT 2007 

----- Original Message ----- 
From: "Ted Lemon" <mellon at fugue.com>
To: "TS Glassey" <tglassey at earthlink.net>
Cc: "Brian Utterback" <Brian.Utterback at Sun.COM>; <ntpwg at lists.ntp.org>; 
"Richard Gayraud (rgayraud)" <rgayraud at cisco.com>; <dhcwg at ietf.org>
Sent: Sunday, November 25, 2007 4:16 PM
Subject: Re: [ntpwg] [dhcwg] Re: Network Time Protocol (NTP) Optionsfor 
DHCPv6


> On Nov 25, 2007, at 5:20 PM, TS Glassey wrote:
>> You mean the DHCP lease? True unless the connection is forced to be 
>> renewed.
>> Otherwise, as long as the connection is in place one would think its 
>> proper
>> to have the service address remain the same.
>
> This is a very frustrating discussion.   Do you guys ever actually use 
> DHCP in operation?

Yes all the time.

>  Connections aren't "forced to be renewed."   DHCP  clients renew their 
> leases periodically.

Sorry Ted... they most assuredly do expire and if the user wants to continue 
to use those services the transport MUST renew its lease to have an IP 
address. That's what 'forces' the lease renegotiation

> It's possible to set up a  DHCP server to give out a lease that doesn't 
> need to be renewed, but  nobody ever does that.

Uh yes they do and its one of the problems with this type of system too.

> Even if some random person at one site  somewhere does it, they're not 
> going to have enough clients to cause  you trouble - it's only a large 
> site that will cause you trouble, and  trust me, they can't operate their 
> network without regular lease  renewals.

Ted, here again this is a policy issue.

>
> So in practice, for any significant source of NTP traffic, you are  going 
> to have DHCP lease renewals.   There aren't going to be any  exceptions to 
> this.
>
> Furthermore, for clients that only do the lightweight DHCP protocol, 
> there is a required refresh interval.   So again, this simply isn't a 
> problem.

Ted - this is about auditing and what's needed for digital evidence.  So we 
disagree here. NTP will not be run on platforms constrained by those issues 
if we are not careful and properly setup NTP so that the trust factor's it 
operates off of are secured as well.

Todd

>

More information about the ntpwg mailing list