UDP/123 policers & status

Mon Mar 30 08:15:51 UTC 2020

On 3/29/2020 11:18 PM, Saku Ytti wrote:
> On Mon, 30 Mar 2020 at 01:58, Ragnar Sundblad <ragge at kth.se> wrote:
> 
>> A protocol with varying packet size, as the NTS protected NTP is,
>> can easily have the bad property of having responses larger than the
>> requests if not taken care. Don’t you see that?
> 
> Why? Why not pad requests to guarantee attenuation vector until
> authenticity of packets can be verified?
> 
> MinimaLT does this. I think all UDP based and initial TCP should do
> it, doing it for existing protocols may not be possible, but why not
> for new?
> 
> I proposed similar method for proxy-trace (bidir tracerouting) -
> https://github.com/ytti/proxy-trace/blob/master/draft-ytti-intarea-proxy-trace.xml#L169

Please help me understand this.

Exactly how bad is it if the query and response packets are of a
different size?  Does it matter at 4 bytes?  32?

what are the expected costs of different %s of response packets being
sent back?  I think this needs to be understood for a variety of
different sized query/response packets.

Then factor in the costs of padding the shorter packets.  Include the
cost of the actual bump in network bandwidth, which I suspect is
negligible, and at the same time we can do a reality check on the folks
who claim that NTP packets are a significant cause of the bufferbloat
problem.

Then we need to thoroughly study how the various size differences
between the client request and server response packets affect the
quality of time synchronization, in various network scenarios.  Some
have claimed this is clearly noticeable and significant.  I'd like to
see the experiments and the data.

NTF is very happy to do this work, incrementally if needed, if we can
get the necessary support and cooperation/collaboration.
-- 
Harlan Stenn <stenn at nwtime.org>
http://networktimefoundation.org - be a member!