[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Feature Request - Time Server
 Date:  Tue, 3 Aug 2004 01:41:35 -0700 (PDT)
On Mon, 2 Aug 2004, Ray Karpeles wrote:

> Are there any plans to include a time server in M0n0wall that my
> internal clients can use?
> Since the firewall already has the capability to probe a time server I'd
> like to not have my clients have to go "external" for a time sync.

A good idea in principle, but there are a few problems in doing that with

1) The version used on m0n0wall has a bug where it thinks there's a
"conflict" in running a daemon-mode client and a server simultaneously.

2) It has no ability to provide a proper dispersion value, which would
give clients an overly optimistic view of the time accuracy.  In fact,
many clients might even fail due to the apparent nonoverlap in multiple
samples of the offset.  I think this is the main reason for the "or server
if you must" comment in the doc.

3) Its excessive use of floating point causes echoed client timestamps to
be only approximately equal to the originals, which would confuse any
client that checks the responses carefully enough (though msntp itself in
client mode doesn't, to the point of getting thoroughly confused by
duplicate responses).

					Fred Wright