devel@ntpsec.org said:
> 1208. I stripped out all handling of the netlink socket and fixed around the
> breaks I found. This would reduce NTPsec w/ NTS and IPv4/6 to 5 sockets. They
> are UDP4, UDP6, TCP4, TCP6, and netlink which only spuriously trigger DNS
> retries.

I scanned the patch file and didn't see what I was looking for. But it's 3K lines so I could easily have missed it.

How much testing have you done? I expect the easy cases will work. Did you test anything complicated? It takes more than one interface to generate the complicated cases.

The server side needs to use the dest address from the request as the source address on the reply.

The client side needs to check that the packet came to the correct dest address.

That's the code I didn't see.

The old code with a socket per interface let the kernel do that work.

With only one interface, you can't get it wrong. To test that, you have to do something to make the packet arrive on the wrong interface.

-----------

At least on some OSes, you can get one socket that covers both IPv4 and IPv6. Maybe that's only for TCP. Mumble. I had to set some magic flag in order to get both NTS listeners to work. The second listener on a second thread seemed like a simple way to get some multi-threading.

Your "spuriously trigger DNS retries" path is important. It handles the case where ntpd gets started before the link to the outside world is up and all the DNS lookups fail. It doesn't catch all the cases, but it got at least one. It won't recover from something like a home router being slow to start after a power fail, maybe because the owner didn't poke the power button until late in the recovery game. I think the case it did catch involved WiFi.

--
These are my opinions. I hate spam.