Hi,
As seen in another thread there are some questionms on how ntpd works
if no relatime clock is available or it's battery is dead. This poses
problems since ntpd needs DNS and if the time is not right, DNSSEC
validation might fail.
The goals it to work in as mancy cass as possible , but also stop
attempts quickly if ntpd sees it's not going to work out, to avoid
unneeded delays booting: ntpd only backgrounds if it succeeds in
setting the time or realises it is not going to work.
So the hardest case is a machine without proper RTC that only uses a
resolver running on itself.
It goes more or less like this:
1. ntpd check if DNS is working by doing a probe
2. if that fails it does a CD (Checking Disabled) probe. This disables
DNSSEC for that query and should get an answer even if the time is wrong.
3. If that failes it gives up.
4. Otherwise is resolves the needed names (potentially with CD flag)
and gets the time via constraints and NTP packets.
5. If the time is to be moved forward, it does so.
6. In all other cases it does not set the time and backgrounds.
7. After the time is synced, it wil no longer do CD queries and
re-query names.
I (and others) spend quite some time in getting that right and it
works in many cases. But there are some machines that might not work,
especially slow machines. I consider RTC-less machines broken, so we
are not going to introduce extra delays to comfort those and hinder
other cases. You might get such a slow machine to work by introducing
a sleep in specific places, e.g. after network startup or resolver
starting.
But in many cases it is much easier to just add an extra resolver (not
runing on the machine in question) to resolv.conf.
-Otto
No comments:
Post a Comment