<div dir="ltr"><div><font color="#444444" face="Raleway, sans-serif" size="3">chrony does today btw</font></div><ul style="margin:5px 0px 5px 20px;padding:0px;color:rgb(68,68,68);font-family:Raleway,sans-serif;font-size:medium"><li style="word-wrap:break-word;word-break:break-word">debian/chrony-helper:<ul style="margin:5px 0px 5px 20px;padding:0px"><li style="word-wrap:break-word;word-break:break-word">New helper script to make use of NTP servers obtained from DHCP and</li></ul>_ntp._udp DNS SRV records.</li></ul></div><br><div class="gmail_quote"><div dir="ltr">On Sat, Sep 22, 2018 at 8:31 AM Matus UHLAR - fantomas <<a href="mailto:uhlar@fantomas.sk">uhlar@fantomas.sk</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">>>> On 9/21/2018 3:57 PM, Mauricio Tavares wrote:<br>
>>>> But that is not, as Ray said, automated discovery. You are<br>
>>>> asking the computer to make assumptions, i.e. "if I am in domain<br>
>>>> <a href="http://hey.com" rel="noreferrer" target="_blank">hey.com</a>, the ntp is <a href="http://ntp.hey.com" rel="noreferrer" target="_blank">ntp.hey.com</a>." I am more on the lines of "hey<br>
>>>> domain thingie. You know where a lot of your basic network resources<br>
>>>> are. If you have a ntp server do you know where it is just like you<br>
>>>> know where your mail, LDAP, and kerbie servers are hiding?"<br>
<br>
>> Am 21.09.18 um 22:19 schrieb Danny Mayer:<br>
>>> That's not what I wrote. Someone needs to maintain an SRV record. It's<br>
>>> not a good idea for domains to announce their NTP servers since they can<br>
>>> be abused by others not authorized to use them. We've had plenty of<br>
>>> abuse along those lines along with DDOS attacks. What the ntp CNAME<br>
>>> would do is point to a number of other servers to use and you don't need<br>
>>> to call it ntp, it's just a string.<br>
<br>
>On 9/21/2018 6:33 PM, Reindl Harald wrote:<br>
>> but *nobody* cares about what is a good idea when the question was<br>
>> simply "does ntp discovery work" where the answer is simply no<br>
<br>
On 21.09.18 21:39, Danny Mayer wrote:<br>
>No, that's not true. Consider what you are doing. You are substituting<br>
>SRV records for CNAME records. There is nothing magical here. NTP can<br>
>use the CNAME records. Either way the records have to be configured.<br>
>What do you think you are discovering? SRV records aren't magic.<br>
<br>
The OP request indicated that they wish for ntp autoconfiguration. There is<br>
no autoconfiguration we know of, unless DHCP that was reported often not to<br>
work.<br>
<br>
using either CNAME or SRV records won't change the fact that ntp server does<br>
not autoconfigure itself.<br>
<br>
Neither of them also changes the fact that the NTP configuration is not<br>
related to domain, but to the local network.<br>
<br>
<br>
-- <br>
Matus UHLAR - fantomas, <a href="mailto:uhlar@fantomas.sk" target="_blank">uhlar@fantomas.sk</a> ; <a href="http://www.fantomas.sk/" rel="noreferrer" target="_blank">http://www.fantomas.sk/</a><br>
Warning: I wish NOT to receive e-mail advertising to this address.<br>
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.<br>
Chernobyl was an Windows 95 beta test site.<br>
_______________________________________________<br>
Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">- Andrew "lathama" Latham -</div></div>