On Tue, Mar 05, 2019 at 12:46:29PM -0600, Richard Laager via devel wrote: > On 3/5/19 12:45 PM, Gary E. Miller via devel wrote: > > Yo Eric! > > > > On Tue, 5 Mar 2019 02:11:52 -0500 > > "Eric S. Raymond via devel" <devel@ntpsec.org> wrote: > > > >>> That would leave the configure option. I've never used it. > >> > >> I think we can justify both removals on security. If Mode 6 is a > >> read-only channel there can never be any exploits over it. That's > >> a significant gain in provable bulletproofness. > >> > >> You want to reconfure your ntpd? Bounce it. This won't happen often. > > > > Ugh, wrong. I've got to agree with Achim here. It takes days for > > my ntpd's to converge, that is why you don't bounce it often. > > How often are you reconfiguring your running ntpd today, and by what > mechanism (i.e. are you using the Mode 6 writable parameter(s) being > proposed for removal)?
I reconfigure ntpd periodically. I push a new ntp.conf via my configuration management system and then restart ntpd. My reconvergence takes ~10 minutes for stratum-1 clocks since my maxpoll is 2 seconds. Saving more state so that the reconvergence is faster would be great, but the current performance is sufficient. Reconfiguring via ntpq is not something I would ever use at scale. This mostly seems useful for tinkering/debugging. Thanks, -Matt _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
