Bill Unruh wrote:
In that list of servers, there is a field for each NTP time provider, "Use
DNS". Many of the public servers in this table require that DNS be used
with their service. Here is one entry from the table:

There is absolutely no way they would know if you are using DNS or not. All
communication with the server is via IP, and whether that is static IP or
DNS is unknown. The primary reason they say that is that they reserve the
right to change the IP address of their server and if you are using a static
address, there is no way you will know, except that it will not work anymore.

It is in the "terms of use". A reason to do this could be that they want to
offer this service now, but want to have some way to terminate it in the
(far) future. When they no longer want to offer NTP service, they can remove
the name from DNS and the usage of the service should disappear over time.
Only those that did not abide by this rule will remain. And with most NTP
services, they will remain anyway for as long as the service is running,
which of course could be a couple of years for a few users. But most of them
should be gone in a couple of months.

It is not a rule, and is not something they could know whether you are
abiding by it or not.
Remember that if they change the IP of the server, it can take up to 3 days
for that change to propagate through the set of DNS servers, so again they
cannot enforce their "rule" (which is not a rule anyway).

Do you think that rules are only valid when they can be actively enforced?
I think not. I think rules set by the provider of the service are there for
the users to abide by, and when they don't like the rule their option is not
to use the service.

A time server that uses DNS based rules for reference servers should fail
gracefully when the DNS does not return an IP address (anymore). So, when it
does a lookup only once it should issue an error message about that server,
and proceed with its startup as if that server was never there in the
configuration. When it is resolving DNS names on a regular basis (e.g. once
per day), it could keep the server configuration and keep retrying the DNS
lookup at that same interval and start using the server when the DNS lookup
succeeds.
Not starting the service at all is only an option when all the DNS lookups
have failed (i.e. there is no server) and there is no mechanism to re-try
the lookups. When there is, it is much better to keep the service running
(after all, a network may not be available at boot time and may become
available later).

Rob
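
The retry behaviour described in the message above, as an added example that is not part of the original post and is not chrony's code. The names SourceTable, system_resolve, refresh and usable are hypothetical, and treating EAI_NONAME as "name removed" while keeping the last address on any other lookup error is an assumption that goes beyond the post.

```python
import logging
import socket

log = logging.getLogger("timesrc")


def system_resolve(name):
    """Resolve through the OS resolver; NTP uses UDP port 123."""
    infos = socket.getaddrinfo(name, 123, type=socket.SOCK_DGRAM)
    return [info[4][0] for info in infos]


class SourceTable:
    """Configured time sources. A name that fails to resolve stays configured."""

    def __init__(self, names, resolve=system_resolve, retry_interval=86400.0):
        self.resolve = resolve
        self.retry_interval = retry_interval          # e.g. once per day
        self.addr = {name: None for name in names}    # None = not usable yet
        self.next_try = {name: 0.0 for name in names}

    def refresh(self, now):
        """Look up every name that is due; return the names whose address changed."""
        changed = []
        for name in self.addr:
            if now < self.next_try[name]:
                continue
            self.next_try[name] = now + self.retry_interval
            try:
                ips = self.resolve(name)
                new = ips[0] if ips else None
            except socket.gaierror as exc:
                # Report the failing server, then carry on with the others.
                log.error("lookup of %s failed: %s; will retry", name, exc)
                # Assumption: EAI_NONAME means the operator withdrew the name,
                # so stop using it. Other errors are treated as transient
                # (network not up yet), so the last known address is kept.
                new = None if exc.errno == socket.EAI_NONAME else self.addr[name]
            if new != self.addr[name]:
                self.addr[name] = new
                changed.append(name)
        return changed

    def usable(self):
        """Sources that currently have an address; may be empty at boot."""
        return {n: a for n, a in self.addr.items() if a is not None}
```

The daemon calls refresh() at startup and again on each timer tick, and keeps running even when usable() is empty.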