Backward compatibility analysis for M-BIT in Extension field types.
IANA alloctes new Extension field value :
0x800a for More Bit and 0x000a without more bit for new extension
NTPv4 Server (Autokey) NTPv4 client(Autokey + New Extension)
Case 1:
Process the packet <---- NTP Header + Autokey Extension [0x0102]
Steps :
a) Check NTP packet size is more than NTP Header size
b) Check packet size without header which is more than NTP MAC size
c) Check field type if matching as whole with Autokey filed types
d) Now parse NTP filed type as per autokey
Case 2:
Process the packet <---- NTP Header + New Extension [0x000a]
Steps :
a) Check NTP packet size is more than NTP Header size
b) Check packet size without header which is more than NTP MAC size
c) Check field type if matching as whole with Autokey filed types
d) Now parse NTP filed type More Bit (No more bit)
e) after excluding NTP header + NTP extension
if size is more than 0
then if check remaining size is more than MAC size then drop the packet
f) Process new extension as per new extension RFC
Case 3:
Process the packet <---- NTP Header + Autokey Extension [0x0102] + New
Extension [0x000a]
Steps :
a) Check NTP packet size is more than NTP Header size
b) Check packet size without header which is more than NTP MAC size
c) Check field type if matching as whole with Autokey filed types
d) Now parse NTP filed type as per Autokey
e) Check packet size without header and Autokey extension which is more than
NTP MAC size
f) Check field type if matching as whole with Autokey filed types
g) Now parse NTP filed type More Bit (No more bit)
h) after excluding NTP header + Autokey Extension + NTP extension
if size is more than 0
then if check remaining size is more than MAC size then drop the packet
i) Process new extension as per new extension RFC
Case 4:
Process the packet <---- NTP Header + Autokey Extension [0x0102] + New
Extension [0x000a] + MAC
Steps :
a) Check NTP packet size is more than NTP Header size
b) Check packet size without header which is more than NTP MAC size
c) Check field type if matching as whole with Autokey filed types
d) Now parse NTP filed type as per Autokey
e) Check packet size without header and Autokey extension which is more than
NTP MAC size
f) Check field type if matching as whole with Autokey filed types
g) Now parse NTP filed type More Bit (No more bit)
h) after excluding NTP header + Autokey Extension + NTP extension
if size is more than 0
then if check remaining size is more than MAC size then drop the packet
i) Process new extension as per new extension RFC
j) Process MAC (This is done at the beginning to authenticate packet)
Case 5:
Process the packet <---- NTP Header + Autokey Extension [0x0102] + New
Extension 1 [0x800a] + New Extension 2 [0x000b]
Steps :
a) Check NTP packet size is more than NTP Header size
b) Check packet size without header which is more than NTP MAC size
c) Check field type if matching as whole with Autokey filed types
d) Now parse NTP filed type as per Autokey
e) Check packet size without header and Autokey extension which is more than
NTP MAC size
f) Check field type if matching as whole with Autokey filed types
g) Now parse NTP filed type More Bit (More bit)
h) Process new extension as per new extension 1 RFC
i) Now parse NTP filed type More Bit (No More bit)
j) Process new extension as per new extension 2 RFC
k) after excluding NTP header + Autokey Extension + NTP extension 1 + NTP
extension 2
if size is more than 0
then if check remaining size is more than MAC size then drop the packet
Case 6:
Process the packet <---- NTP Header + Autokey Extension [0x0102] + New
Extension 1 [0x800a] + New Extension 2 [0x000b] + MAC
Steps :
a) Check NTP packet size is more than NTP Header size
b) Check packet size without header which is more than NTP MAC size
c) Check field type if matching as whole with Autokey filed types
d) Now parse NTP filed type as per autokey
e) Check packet size without header and autokey extension which is more than
NTP MAC size
f) Check field type if matching as whole with Autokey filed types
g) Now parse NTP filed type More Bit (More bit)
h) Process new extension as per new extension 1 RFC
i) Now parse NTP filed type More Bit (No More bit)
j) Process new extension as per new extension 2 RFC
k) after excluding NTP header + Autokey Extension + NTP extension 1 + NTP
extension 2
if size is more than 0
then if check remaining size is more than MAC size then drop the packet
l) Process MAC (This is done at the beginning to authenticate packet)
As per Current IANA
https://www.iana.org/assignments/ntp-parameters/ntp-parameters.xhtml
NTP Extension Field Types
0x0002 No-Operation Request
0x8002 No-Operation Response
0xC002 No-Operation Error Response
0x0102 Association Message Request
0x8102 Association Message Response
0xC102 Association Message Error Response
0x0202 Certificate Message Request
0x8202 Certificate Message Response
0xC202 Certificate Message Error Response
0x0302 Cookie Message Request
0x8302 Cookie Message Response
0xC302 Cookie Message Error Response
0x0402 Autokey Message Request
0x8402 Autokey Message Response
0xC402 Autokey Message Error Response
0x0502 Leapseconds Message Request
0x8502 Leapseconds Message Response
0xC502 Leapseconds Message Error Response
0x0602 Sign Message Request
0x8602 Sign Message Response
0xC602 Sign Message Error Response
0x0702 IFF Identity Message Request
0x8702 IFF Identity Message Response
0xC702 IFF Identity Message Error Response
0x0802 GQ Identity Message Request
0x8802 GQ Identity Message Response
0xC802 GQ Identity Message Error Response
0x0902 MV Identity Message Request
0x8902 MV Identity Message Response
0xC902 MV Identity Message Error Response
Thanks & Regards
Anil S N
"Be liberal in what you accept, and conservative in what you send" - Jon Postel
> -----Original Message-----
> From: ntpwg [mailto:[email protected]] On
> Behalf Of Anil Kumar S N (VRP Network BL)
> Sent: 01 July 2015 09:27
> To: [email protected]; Anil Kumar; Tal Mizrahi; Karen O'Donoghue;
> [email protected]; [email protected]
> Subject: Re: [ntpwg] [TICTOC] WGLC on draft-ietf-ntp-checksum-trailer-
> 01.txt (Was: WGLC on draft-mizrahi-ntp-checksum-trailer-02.txt)
>
> I believe RFC is not specific to ntpd, sntp, ntpdate, ntimed, Windows,
> Time, chrony etc...
> All above has to follow RFC, So if conformance is with RFC is ultimate
> reasoning.
>
> I will publish detailed analysis on behavior NTPv3/NTPv4 with respect
> to M-Bit.
> The problem is that while designing extension addition padding issue
> should have been taken care, We are trying to solve it. This is an
> honest attempt.
>
> I discussed with our network solution team, in real network most of
> devices use only NTPv3 and they are not even willing to move into NTPv4
> as NTPv3 is serving their purpose.
> Moving into New version is not the only solution to all the issues.
> We need some improvements in current NTPv4 too.
>
> Core network is easy to upgrade as there will be less device using NTP,
> if we move towards Access ring the number of devices are huge.
>
> The point is coustmer is willing to move NTPv5 if we can provide them
> only with very attractive/convincing features with integrated
> diagnostic tools, Since each server at the access ring is handling huge
> number of clients, if there is a flapping in server. Server receives
> burst of client requests. One of the requirements came for solution
> team is to find as many servers as possible dynamically (with out
> multicast) and narrow down to stable servers. Administrator should be
> able select one of the best server.
>
> Selecting server : histroy of stability, challenge is trustability &
> current load.
>
> So I feel we need to solve issue by issue. Lets not differintiate small
> or big.
>
> Thanks & Regards
> Anil S N
>
> "Be liberal in what you accept, and conservative in what you send" -
> Jon Postel
>
>
>
> > -----Original Message-----
> > From: Danny Mayer [mailto:[email protected]]
> > Sent: 01 July 2015 08:43
> > To: Anil Kumar; Tal Mizrahi; Anil Kumar S N (VRP Network BL); Karen
> > O'Donoghue; [email protected]; [email protected]
> > Subject: Re: [ntpwg] [TICTOC] WGLC on draft-ietf-ntp-checksum-
> trailer-
> > 01.txt (Was: WGLC on draft-mizrahi-ntp-checksum-trailer-02.txt)
> >
> > On 6/30/2015 1:29 PM, Anil Kumar wrote:
> > > If issue is backward compatibility I will prove it, if new
> > > extensions Field type is not conflicting with autokey. It has no
> issues.
> > >
> >
> > How are you intending to check ntpd, sntp, ntpdate, ntimed, Windows
> > Time, chrony, and a vast number of clients?
> >
> > Let us solve the real problem rather than coming up with hacks that
> > will be almost impossible to do right.
> >
> > Danny
> > >
> > > On Tue, Jun 30, 2015, 10:55 PMÂ Danny Mayer <[email protected]
> > > <mailto:[email protected]>> wrote:
> > >
> > > On 6/30/2015 9:15 AM, Tal Mizrahi wrote:
> > > > Hi Anil,
> > > >
> > > > Thanks for the prompt response.
> > > >
> > > >> I support this draft, But how about more Bit incorporating
> in
> > > field type, Tal let me know your view.
> > > >
> > > > The checksum trailer draft requests IANA to allocate an
> > extension
> > > field type.
> > > > Note that:
> > > > (1) In unauthenticated mode, the checksum trailer extension
> > field
> > > is the last one.
> > > > (2) In authenticated mode, the checksum trailer extension
> > > field
> > is
> > > followed by the MAC / Autokey extension field.
> > > >
> > > > The suggested M-bit in
> > > draft-choudharykumar-ntp-ntpv4-extended-extensions indicates
> > whether
> > > the current extension field is the last or not.
> > > > So once the checksum trailer draft has an allocated extension
> > > field type, its most significant bit will be fixed to either 0
> > > or
> > 1,
> > > but cannot cover both case (1) and case (2) above.
> > > >
> > > > A possible way to resolve this is to have two types allocated
> > in
> > > the checksum trailer draft, one for case (1), and another for
> > case
> > > (2). The two types would be identical, except for the most
> > > significant bit. This would allow future compatibility with the
> > > M-bit, if adopted.
> > > >
> > > > A question to the WG: do we want to provision for the
> potential
> > > adoption of the M-bit?
> > > >
> > >
> > > No. It doesn't solve the problem for which they want it in a
> > backward
> > > compatible way.
> > >
> > > Danny
> > >
> > >
> > > _______________________________________________
> > > ntpwg mailing list
> > > [email protected] <mailto:[email protected]>
> > > http://lists.ntp.org/listinfo/ntpwg
> > >
>
> _______________________________________________
> ntpwg mailing list
> [email protected]
> http://lists.ntp.org/listinfo/ntpwg
_______________________________________________
TICTOC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tictoc
