NTP working modes

3.9k Views Asked by At

I am new to NTP protocol. I read the RFC1305 and have some questions about NTP. My questions are related to NTP working modes. According to RFC1305 there are 8 modes

| 0 | reserved

| 1 | symmetric active

| 2 | symmetric passive

| 3 | client

| 4 | server

| 5 | broadcast

| 6 | NTP control message

| 7 | reserved for private use

My questions:

1- What are the differences between the symmetric passive device and symmetric active one?

2- Two symmetric active device can sync each other and Two passive active device can sync each other too ,but Can a symmetric passive device been synced by a symmetric active one and vice versa?

3- When a Symmetric passive device is connected to symmetric active one which one sends the NTP packet first?

4- What happens in broadcasting mode? Does the client send any NTP packet or only the broadcaster does that?

5- ”in order to sync some clients who have CLASS D IP ‘s , the server fills the 3 time stamp fields(receive time stamp is null) and set the mode to 5 and send the packet to 224.0.1.1 and clients get that packet and they send nothing in this procedure” Is this true?

6- Who sends the NTP control message? Client or broadcaster? What’s it for? What’s the appropriate answer for it?is it always 12 bytes long?

7- “A stratum 1 NTP server (GPS connected) acts like this: answer mode 1 requests with mode 2, mode 3 with mode 4 and mode 6 with 7” Is this true?

2

There are 2 best solutions below

0
On

Mode 6 is used by the ntpq program. It can for example query "a list of the peers known to the server as well as a summary of their state" (from the man page).

This has recently be exploited to do DDOS reflection attacks, because it can be triggered with spoofed IP address, and the reply is larger than the query. 1

For this reason mode 6 and 7 queries should be blocked from outside sources.

1
On

can only reply to a few questions:

-4. only the server (broadcaster) is allowed to send any ntp-packet in this mode clients only listen to the interface, parse the received packet and set their clock accordingly - there is no reply being send. but clients may send a ntp-request too, the server should then not reply to this one.

-5. right. there is no answer supposed to be send by this clients.