From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <davehart@gmail.com>
Received: from mail-wy0-f171.google.com (mail-wy0-f171.google.com
	[74.125.82.171]) (using TLSv1 with cipher RC4-SHA (128/128 bits))
	(Client CN "smtp.gmail.com",
	Issuer "Google Internet Authority" (verified OK))
	by huchra.bufferbloat.net (Postfix) with ESMTPS id 259CB200876;
	Fri, 15 Jul 2011 20:27:30 -0700 (PDT)
Received: by wyi11 with SMTP id 11so1785310wyi.16
	for <multiple recipients>; Fri, 15 Jul 2011 21:05:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:reply-to:in-reply-to:references:from:date:message-id
	:subject:to:cc:content-type;
	bh=ZlGtsWBXkI8arjI/T6RldfgfQQpHsylKfT6T/HCO3bM=;
	b=SBBLWYSYx73FAV6f192TLw+8/TpJe4tYT6l1VvBaR+qbNc1fa6b1sNIUqsm7gyI/fH
	aAAMtvnuLNuwzJelqmN0P2Aba/0VGX8YW5ZCwZbvu/mxnlpuWkn609FhYASP0JDQ74KJ
	mbtA//1rLkDGwyco0eRMAxkteMBQvJtHFt7rw=
Received: by 10.227.60.140 with SMTP id p12mr2234603wbh.30.1310789139089; Fri,
	15 Jul 2011 21:05:39 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.227.19.144 with HTTP; Fri, 15 Jul 2011 21:05:19 -0700 (PDT)
In-Reply-To: <CAA93jw6CaJ7LAF58HHXQt=tQd1DYXRrNUCrM-gd5JhTKJs0K8g@mail.gmail.com>
References: <CAA93jw6CaJ7LAF58HHXQt=tQd1DYXRrNUCrM-gd5JhTKJs0K8g@mail.gmail.com>
From: Dave Hart <davehart@gmail.com>
Date: Sat, 16 Jul 2011 04:05:19 +0000
Message-ID: <CAMbSiYDp3A7LVp1yNaBZNTTe+OuzyMiGrGzBqNrd13dpgSUd+g@mail.gmail.com>
Subject: Re: smoketest #6 of cerowrt is go for testing
To: Dave Taht <dave.taht@gmail.com>
Content-Type: text/plain; charset=UTF-8
Cc: bloat-devel <bloat-devel@lists.bufferbloat.net>,
	bismark-devel@lists.bufferbloat.net, bismark-bootcamp@projectbismark.net
X-BeenThere: bloat-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.13
Precedence: list
Reply-To: davehart_gmail_exchange_tee@davehart.net
List-Id: "Developers working on AQM, device drivers,
	and networking stacks" <bloat-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/bloat-devel>,
	<mailto:bloat-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/bloat-devel>
List-Post: <mailto:bloat-devel@lists.bufferbloat.net>
List-Help: <mailto:bloat-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/bloat-devel>,
	<mailto:bloat-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Sat, 16 Jul 2011 03:27:31 -0000

On Sat, Jul 16, 2011 at 02:40 UTC, Dave Taht <dave.taht@gmail.com> wrote:
> 0) We have a priority 3 issue with ntp starting up. NTP times out too early
> it keeps restarting, and restarting, and restarting... (it's on a 10 second
> timer) This is related to the dnssec issue I'm well aware of. It looks like
> 60 second timer would work better)

10 seconds is too small, but sometimes one minute might be too small a
timeout, too.  If possible, it may make sense to start ntpd, then
start time-step-tolerant daemons, then use the ntp-wait script to
block until ntpd's first clock sync, then start time-step-sensitive
daemons.

> (dnssec IS disabled by default in this build, so ntp isn't even needed
> and does eventually get the correct time if you kill off named.montime - and
> the right answer is to patch ntp to just issue the first queries for
>
> ntp -g option
>
> with the auth-needed bit off... I have NO idea how to do that with dnssec.

ntpd doesn't request dnssec verification -- it simply uses the
provided getaddrinfo().  Any tweaking of the resolver to avoid
requiring DNSSEC validation of queries will be outside the ntpd source
code.

Cheers,
Dave Hart