From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yk0-x232.google.com (mail-yk0-x232.google.com [IPv6:2607:f8b0:4002:c07::232]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id B502C201112 for ; Sun, 23 Mar 2014 05:11:28 -0700 (PDT) Received: by mail-yk0-f178.google.com with SMTP id 79so11586668ykr.9 for ; Sun, 23 Mar 2014 05:11:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=G52+s59HDJ5/IiOjDrXKLSTlyY7JZ3lSNiFXFpcoCvs=; b=c/8ptBzDO2OntRf0xhWcINwYx+jqlpJ2f6st/NVtc5uMaY7WSirBziCQVUhk0Da8Qw finQ9tYAwbFCInk2mZNP/Zy4oX7DVMBLC6bKjoHbSnQFCn57PtmZknOysKy5xri4zIzd 2EuR1KSuz1j8lTbhMhcFHgjRVB362hpH1iCLtOYXbRe9w7RmYkfQZno/zHgngyF6AEYn mnRtWPXoEhsKN9KtSKwUTq/1ZjfeUQpQDXtaqzmZ1up6j+tvTaidEwlUjDO4JXxHEBf3 MDvDiX1dTaDyphy+J+FJOPvPGcLZOdLQfr3QHmVA8PDjGY2pHyHK4Ebf5vKalyoCVSSy g9YA== X-Received: by 10.236.181.137 with SMTP id l9mr693975yhm.97.1395576687317; Sun, 23 Mar 2014 05:11:27 -0700 (PDT) MIME-Version: 1.0 Received: by 10.170.47.78 with HTTP; Sun, 23 Mar 2014 05:11:07 -0700 (PDT) In-Reply-To: <8738i9rwrx.fsf@alrua-x1.karlstad.toke.dk> References: <8738i9rwrx.fsf@alrua-x1.karlstad.toke.dk> From: David Personette Date: Sun, 23 Mar 2014 08:11:07 -0400 Message-ID: To: =?UTF-8?B?VG9rZSBIw7hpbGFuZC1Kw7hyZ2Vuc2Vu?= Content-Type: multipart/alternative; boundary=20cf3040ea10b4578404f5450465 Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] DNSSEC & NTP Bootstrapping X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 12:11:29 -0000 --20cf3040ea10b4578404f5450465 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable The simplest solution seems to be to cache a lookup of pool.ntp.org. It would only need to be used if the normal DNS target for ntpdate fails. Once time is set, we can update the cached values of the pool once again (if they've changed). --=20 David P. On Sun, Mar 23, 2014 at 7:15 AM, Toke H=C3=B8iland-J=C3=B8rgensen wrote: > Aaron Wood writes: > > > or we find a way to have long-lived dnssec entries. > > Is the timing controllable somehow? I.e. would it be possible to set up > a special domain name with a really long-lived key that could be queried > indefinitely for the IP address of one or more NTP servers, even in the > face of an a wrong clock? > > -Toke > > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel > > --20cf3040ea10b4578404f5450465 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
The simplest solution seems to be to cache a lookup of pool.ntp.org. It would only need to be use= d if the normal DNS target for ntpdate fails. Once time is set, we can upda= te the cached values of the pool once again (if they've changed).

--
David P.



On Sun, Mar 23, 2014 at 7:15 AM, Tok= e H=C3=B8iland-J=C3=B8rgensen <toke@toke.dk> wrote:
Aaron Wood <woody77= @gmail.com> writes:

> or we find a way to have long-lived dnssec entries.

Is the timing controllable somehow? I.e. would it be possible to set = up
a special domain name with a really long-lived key that could be queried indefinitely for the IP address of one or more NTP servers, even in the
face of an a wrong clock?

-Toke

_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.= bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel


--20cf3040ea10b4578404f5450465--