NTPsec gets bad responses from Amazon NTP servers
(This was discussed on IRC earlier, but to put it in a more permanent medium...)
Ubuntu 16.04 x86-64, NTPsec [recent Git].
Amazon recently made NTP servers available within EC2 VPCs at 169.254.169.123. (They use leap smearing, though.)
https://aws.amazon.com/blogs/aws/keeping-time-with-amazon-time-sync-service/
Anyway, when using NTPsec as a client, 33% of Amazon's responses are rejected. Usually (32 percentage points) for having bad origin timestamps (BOGON2
/bogusorg
) and occasionally (1 pp) for being a duplicate (BOGON1
/oldpkt
).
I don't know about the duplicate packets, but it's true that the bad origin packets have bogus origin timestamps. And bogus transmit timestamps.
Amazon Time Sync Service really is sending bogus packets 33% of the time.
But it only sends bogus packets when the client is NTPsec.
When i ran NTP Classic 4.2.8p4 for a few hours, every packet Amazon sent was good.
Example tcpdump -nttttv
:
2017-12-02 03:44:10.122462 IP (tos 0xb8, ttl 64, id 60450, offset 0, flags [DF], proto UDP (17), length 76)
172.31.43.244.123 > 169.254.169.123.123: NTPv4, length 48
Client, Leap indicator: (0), Stratum 2 (secondary reference), poll 10 (1024s), precision -22
Root Delay: 0.015960, Root dispersion: 0.027160, Reference-ID: 209.51.161.238
Reference Timestamp: 3721174590.138570481 (2017/12/02 03:36:30)
Originator Timestamp: 3721173968.122440751 (2017/12/02 03:26:08)
Receive Timestamp: 3721173968.122857131 (2017/12/02 03:26:08)
Transmit Timestamp: 3721175050.122424670 (2017/12/02 03:44:10)
Originator - Receive Timestamp: +0.000416379
Originator - Transmit Timestamp: +1081.999983918
2017-12-02 03:44:10.122870 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 76)
169.254.169.123.123 > 172.31.43.244.123: NTPv4, length 48
Server, Leap indicator: (0), Stratum 3 (secondary reference), poll 10 (1024s), precision -26
Root Delay: 0.000244, Root dispersion: 0.000122, Reference-ID: 10.66.1.118
Reference Timestamp: 3721174966.056185199 (2017/12/02 03:42:46)
Originator Timestamp: 3721173968.122857131 (2017/12/02 03:26:08)
Receive Timestamp: 3721175050.122473316 (2017/12/02 03:44:10)
Transmit Timestamp: 3721173968.122570781 (2017/12/02 03:26:08)
Originator - Receive Timestamp: +1081.999616185
Originator - Transmit Timestamp: -0.000286349
2017-12-02 04:01:32.122483 IP (tos 0xb8, ttl 64, id 39385, offset 0, flags [DF], proto UDP (17), length 76)
172.31.43.244.123 > 169.254.169.123.123: NTPv4, length 48
Client, Leap indicator: (0), Stratum 2 (secondary reference), poll 10 (1024s), precision -22
Root Delay: 0.015914, Root dispersion: 0.023147, Reference-ID: 209.51.161.238
Reference Timestamp: 3721175658.138400847 (2017/12/02 03:54:18)
Originator Timestamp: 3721173968.122440751 (2017/12/02 03:26:08)
Receive Timestamp: 3721173968.122857131 (2017/12/02 03:26:08)
Transmit Timestamp: 3721176092.122434500 (2017/12/02 04:01:32)
Originator - Receive Timestamp: +0.000416379
Originator - Transmit Timestamp: +2123.999993749
2017-12-02 04:01:32.122933 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 76)
169.254.169.123.123 > 172.31.43.244.123: NTPv4, length 48
Server, Leap indicator: (0), Stratum 3 (secondary reference), poll 10 (1024s), precision -26
Root Delay: 0.000244, Root dispersion: 0.000122, Reference-ID: 10.66.1.118
Reference Timestamp: 3721176000.432956010 (2017/12/02 04:00:00)
Originator Timestamp: 3721176092.122434500 (2017/12/02 04:01:32)
Receive Timestamp: 3721176092.122510253 (2017/12/02 04:01:32)
Transmit Timestamp: 3721176092.122633114 (2017/12/02 04:01:32)
Originator - Receive Timestamp: +0.000075753
Originator - Transmit Timestamp: +0.000198614
pcap (38 KiB):
https://mn0.us/SybbVrLGTfdBhrA41VmfkpQ/ntp8_2017-12-02_05_169.254.169.123_ntp.pcap