Hi, a "forest" being a "set of trees", I have a question with the statement cited: I doubt that NTP sync graph is tree-like (each node having eactly one parent, and the graph having no cycles). Especially with "peer" synchronization with peers being at the same startum.
The statement was taken from page 7 of "NTP Security Model", dealing with the basics of autokey. Assuming a tree graph makes the understanding more simple, but reality makes implementation quite fuzzy: Which nodes on a group do need "CA certificates" (trusted), especially if the topmost level of the group are multiple peers at the same stratum. As I understood it, NTP propagates trust "down the stratum" (low numbers to higher numbers). When initially staring the servers, it's unsure which one will sync first, and thus have the lowest startum (and therefore the need for the trusted certificate). Did I mis-interpret anything? At the moment one statum-2 peer has a flash of 408 (no_access, not_proventic, ...) while the other peer (with a disconnected refclock) has flash of 608 (no_access, bad_autokey, not_proventic) Regards, Ulrich _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
