I am a developer of embedded devices. I have started using NTP some time ago, used fixed IP address of one server nearby. Recently I found out that time synchronization stopped, it appears that server at target IP address just dropped out of the pool.

Now I rewrote firmware to perform DNS query on 0.pool.ntp.org, and take first server returned in the list. Frequently synchronization fails because servers returned by DNS are not responding. One of them, in Sweden, did not respond to ping.

Is it really the case that DNS list is having dead points for the NTP pool? I assume NTP.ORG T&C say that they do not hold any responsibility for quality of service, but is it so hard to ensure that remote NTP service is up before returning it through DNS?

On 2016-10-07, eugeny.yu.brychkov@gmail.com <eugeny.yu.brychkov@gmail.com> wrote:
> I am a developer of embedded devices. I have started using NTP some time ago, used fixed IP address of one server nearby. Recently I found out that time synchronization stopped, it appears that server at target IP address just dropped out of the pool.
>
> Now I rewrote firmware to perform DNS query on 0.pool.ntp.org, and take first server returned in the list. Frequently synchronization fails because servers returned by DNS are not responding. One of them, in Sweden, did not respond to ping.
>
> Is it really the case that DNS list is having dead points for the NTP pool? I assume NTP.ORG T&C say that they do not hold any responsibility for quality of service, but is it so hard to ensure that remote NTP service is up before returning it through DNS?

Yes. The server could be temporarily down (e.g. miss just one or two ntp packet responses). And it is a large extra burden on the dns resolver to then go test the sites.

Note that ping has nothing to do with it. Many many places have disabled ping responses, while the system works fine.

The only way is to send ntp packets and see if they get answered. But you can do that as well. To use your phraseology "Is it so hard for you to test servers that you get to see if they are responding"?

eugeny.yu.brychkov@gmail.com writes:
> I am a developer of embedded devices.

Please read this: http://www.pool.ntp.org/en/vendors.html

DES
--
Dag-Erling Smørgrav - des@des.no

> Yes. The server could be temporarily down (e.g. miss just one or two ntp packet responses). And it is a large extra burden on the dns resolver to then go test the sites.
> Note that ping has nothing to do with it. Many many places have disabled ping responses, while the system works fine.
>
> The only way is to send ntp packets and see if they get answered.
> But you can do that as well. To use your phraseology "Is it so hard for you to test servers that you get to see if they are responding"?

William, thank you for reply.

(1) I would believe in loss of 1 or two packets, but it loses all the packets within several minutes (as far as I was testing that particular server).

(2) The service as it looks now is just not viable for usage for whatever reason - bad software, wrong architecture, or just wrong technological model. User would not care.

> Please read this: http://www.pool.ntp.org/en/vendors.html

Dag, what exactly should I look at? I need to setup my cluster of NTP servers? Thanks. I found out there're some other locations where I can send NTP requests and get more reliable answer.

eugeny.yu.brychkov@gmail.com wrote:
>> Please read this: http://www.pool.ntp.org/en/vendors.html
>
> Dag, what exactly should I look at? I need to setup my cluster of NTP servers? Thanks. I found out there're some other locations where I can send NTP requests and get more reliable answer.

That link is very clear about the need to ask for and get a 'eugeny'.pool.ntp.org subdomain registered for any project like yours, at which point the pool has a single point of control in case your device ends up with a bug which causes a packet storm directed at the project.

Terje
--
- <Terje.Mathisen at tmsw.no>
"almost all programming can be viewed as an exercise in caching"

On 07/10/2016 18:52, eugeny.yu.brychkov@gmail.com wrote:
>> Please read this: http://www.pool.ntp.org/en/vendors.html
>
> Dag, what exactly should I look at? I need to setup my cluster of NTP servers? Thanks. I found out there're some other locations where I can send NTP requests and get more reliable answer.

I think he is referring to the fact that if you distribute or sell devices with hard coded or default NTP server references and want to use NTP servers from the pool, you should:

1. Request your own vendor subzone from the NTP pool administrators, and use that name in your DNS lookups.
2. Design your devices to look up 0.yourprefix.pool.ntp.org, 1.yourprefix.pool.ntp.org, 2.yourprefix.pool.ntp.org and if necessary 3.yourprefix.pool.ntp.org, then query all 3 (or 4) servers returned, allowing your devices to survive if on some day one or more is broken.
3. Make your devices follow the specific requirements for automatically stopping queries to servers that don't respond or send back "KoD" error responses.
4. Not sending many queries in a relatively short period of time to any one server (for example, if you keep testing against a single server all day (or even for shorter time with many queries), that server is fully entitled to blacklist you, and may even do this automatically to avoid the DDoS problem).
5. Make your vendor contribution to the pool as specified on the above web page.

The NTP RFCs and the documentation on ntp.org provide specific numbers for how few queries you should send to each ntp server, for example, look at what the standard ntp code does by default: A small initial burst to measure the round trip time and get a first timestamp, then queries every 64 seconds, then doubling that until you only query once every 1024 seconds for the next many days, weeks or months. Microsoft's NTP client is even less aggressive defaulting to querying once per week to a single server from standalone machines, and with intervals doubling all the way up to 8192 seconds or more for time servers serving time to entire companies.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

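Points 3 and 4 of the list above, written as per-server state for a firmware client; this is an added example, not code from any poster or from the NTP project. `struct ntp_server`, `server_update`, `MAX_MISSES` and the jump straight to the maximum interval on a RATE kiss code are assumptions, and the origin-timestamp check goes beyond the post so that a forged KoD packet is not obeyed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define POLL_MIN   64u   /* seconds: first steady interval named in the post */
#define POLL_MAX   1024u /* seconds: ceiling named in the post */
#define MAX_MISSES 3u    /* assumption: drop a server after 3 unusable polls in a row */

struct ntp_server {      /* hypothetical per-server state kept by the firmware */
    unsigned poll;       /* current poll interval, seconds */
    unsigned misses;     /* consecutive polls without a usable reply */
    int dropped;         /* 1 = do not query this address again */
};

void server_init(struct ntp_server *s) { s->poll = POLL_MIN; s->misses = 0; s->dropped = 0; }

/* Record the outcome of one poll. pkt is the reply (NULL on timeout) and
 * sent_xmt the 8-byte transmit timestamp that was put in the request.
 * Returns seconds to wait before the next poll, or 0 if the server is dropped. */
unsigned server_update(struct ntp_server *s, const uint8_t *pkt, size_t len,
                       const uint8_t sent_xmt[8])
{
    int usable = 0;
    if (s->dropped) return 0;
    /* Accept only a full 48-byte header in mode 4 (server) whose origin
     * timestamp (bytes 24..31) echoes our request; the rest counts as a miss. */
    if (pkt && len >= 48 && (pkt[0] & 0x07) == 4 &&
        memcmp(pkt + 24, sent_xmt, 8) == 0) {
        if (pkt[1] != 0) {                           /* nonzero stratum: time reply */
            usable = 1;
        } else if (!memcmp(pkt + 12, "DENY", 4) ||   /* stratum 0 = KoD; the kiss */
                   !memcmp(pkt + 12, "RSTR", 4)) {   /* code is the reference ID */
            s->dropped = 1;                          /* stop querying this server */
            return 0;
        } else if (!memcmp(pkt + 12, "RATE", 4)) {
            s->poll = POLL_MAX;                      /* assumption: slow down at once */
            return s->poll;
        }                                            /* other kiss codes: a miss */
    }
    s->misses = usable ? 0 : s->misses + 1;
    if (s->misses >= MAX_MISSES) {
        s->dropped = 1;
        return 0;
    }
    if (s->poll < POLL_MAX)
        s->poll *= 2;                                /* 64 -> 128 -> ... -> 1024 */
    return s->poll;
}
```

Keep one such record per address returned for the 0 to 3 names, and repeat the DNS lookup only once every record is dropped.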
On 2016-10-07, eugeny.yu.brychkov@gmail.com <eugeny.yu.brychkov@gmail.com> wrote:
>> Yes. The server could be temporarily down (e.g. miss just one or two ntp packet responses). And it is a large extra burden on the dns resolver to then go test the sites.
>> Note that ping has nothing to do with it. Many many places have disabled ping responses, while the system works fine.
>>
>> The only way is to send ntp packets and see if they get answered.
>> But you can do that as well. To use your phraseology "Is it so hard for you to test servers that you get to see if they are responding"?
>
> William, thank you for reply.
> (1) I would believe in loss of 1 or two packets, but it loses all the packets within several minutes (as far as I was testing that particular server).
> (2) The service as it looks now is just not viable for usage for whatever reason - bad software, wrong architecture, or just wrong technological model. User would not care.

If you are building this for others, you were pointed to how you should set up things. And just having them use pool is not the way. So it is probably a good thing for the world that you have decided not to use the pool service.

eugeny.yu.brychkov@gmail.com writes:
> "Dag-Erling Smørgrav" <des@des.no> writes:
> > Please read this: http://www.pool.ntp.org/en/vendors.html
> Dag, what exactly should I look at?

Firstly, Euge, it is considered rude to make up nicknames for people unless you are a close friend or relative.

Secondly: seriously? Read the whole thing. Read the entire site. It is very clear to everybody here that you don't have the slightest idea what you're doing.

DES
--
Dag-Erling Smørgrav - des@des.no