[ntpwg] [dhcwg] Re: Network Time Protocol (NTP) OptionsforDHCPv6
Brad Knowles
brad at shub-internet.org
Tue Nov 27 07:08:28 GMT 2007
On 11/26/07, Ted Lemon wrote:
> But the main point that I keep making and that people keep ignoring is
> that this problem is not solved by using a domain name in place of an
> IP address. Using the domain name simply means that the place where
> the badness would occur is different. It's still a problem for the
> SOHO box or cable modem to be preconfigured with a name like
> "NTP.POMME.FR" - the only difference is that in that case not only
> will the NTP server at NTP.POMME.FR get slammed, but also the name
> server for NTP.POMME.FR will get slammed.
Not true. The NS and A records for NTP.POMME.FR will presumably have
a lifetime that is measured in hundreds, thousands, tens of
thousands, or maybe even hundreds of thousands of seconds, and they
will be cached on the remote end.
However, each and every one of those hundreds of thousands or
millions of misconfigured NTP clients will be pounding the
NTP.POMME.FR machine once every sixty seconds or so, unless they've
managed to back off to just pounding it ever thousand seconds or so.
If they're misconfigured, or the machine is not responding, they may
pound it every second -- or maybe many hundreds of times per second.
There's a huge difference here. Like, orders of magnitude. Possibly
many orders of magnitude.
> So my point is that whether we use an IP address or a domain name, the
> same problem still occurs. So the fact that the problem exists can't
> be used as a justification for using one over the other.
The difference is that once an IP address is given out, it can't be
changed to point somewhere else.
Once a name is given out, it can always be changed to point to a
different IP address. The current reference implementation would not
re-resolve that name into the new IP address, but at least all
new(er) instances would catch the new IP address, and life would be
able to continue.
--
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the ntpwg
mailing list