Guys,
I have no idea what's going on here. The only reason the reference ID is
in the NTP header in the first place is to detect and avoid timing
loops. While it was found useful for traceback purposes in IPv4, it
doesn't work for IPv6, as it is only a hash.
The reference ID is not different for different addresses. It reflects
the source of timing only, and that is the same for all interfaces on
the same machine.
The Autokey scheme is bound to the IP addresses only for the cookie
calculation, which must be the same on the endpoint machines. The
security flow does not depend on the addresses, only the certificate
trail and group key. That this doesn't work with NAT is a valuable and
carefully treasured feature.
Dave
Ulisses wrote:
Hi Danny
On Fri, Nov 18, 2005 at 09:24:34AM -0500, Danny Mayer wrote:
Ulisses wrote:
[...]
The usefulness I wanted with it is to try getting the
loopback address of ntp servers running on routers
That's confusing me. Do you really mean the loopback addresss -
127.0.0.1 and ::1 or did you mean an address bound to the interface?
many (all?) routers wich run a routing protocol have an special address
that's called "loopback address" which is not 127.0.0.1
I wanted to check what address returned the ntp process on routers
(if it was possible) in the ntp header, in hope to obtain the
loopback address I mention.
[...]
There nearest thing to an identifier is the refid. Unfortunately it's
flawed in the NTP reference implmentation since you can get different
refid's from different addresses on the machine.
ok
Thanks for your comments
Ulisses
PD: I did not reply the rest of the e-mail because I suposse it is clear now
Debian GNU/Linux: a dream come true
-----------------------------------------------------------------------------
"Computers are useless. They can only give answers." Pablo Picasso
"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it." - Brian W. Kernighan
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.isc.org/mailman/listinfo/questions
