* custom ntp server in phosphor-networkd
@ 2019-08-26 16:25 Alexander A. Filippov
2019-08-26 17:23 ` Vernon Mauery
0 siblings, 1 reply; 8+ messages in thread
From: Alexander A. Filippov @ 2019-08-26 16:25 UTC (permalink / raw)
To: openbmc
Our customers complain that they can't set custom ntp while dhcp is enabled on
bmc network interface.
I found out that the phosphor-networkd doesn't allow it in fact and it awaits
the list of ntp-servers in response from dhcp server. When BMC is configured
with a static IP address phosphor-networkd keep a list of ntp-service in the
configuration file of the network interface. In my opinion it is wrong.
I propose to change this behavior:
- the list of ntp-service should be kept in /etc/systemd/timesyncd.conf
- the customization of ntp-servers should be independent from the network
inferface configuration.
thoughts, doubts?
Regards,
Alexander
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-26 16:25 custom ntp server in phosphor-networkd Alexander A. Filippov
@ 2019-08-26 17:23 ` Vernon Mauery
2019-08-27 5:58 ` Ratan Gupta
0 siblings, 1 reply; 8+ messages in thread
From: Vernon Mauery @ 2019-08-26 17:23 UTC (permalink / raw)
To: Alexander A. Filippov; +Cc: openbmc
On 26-Aug-2019 07:25 PM, Alexander A. Filippov wrote:
> Our customers complain that they can't set custom ntp while dhcp is enabled on
> bmc network interface.
>
> I found out that the phosphor-networkd doesn't allow it in fact and it awaits
> the list of ntp-servers in response from dhcp server. When BMC is configured
> with a static IP address phosphor-networkd keep a list of ntp-service in the
> configuration file of the network interface. In my opinion it is wrong.
This is pretty common behavior for DHCP settings. The DHCP server can
respond with all sorts of settings beyond just the ip/netmask/gateway.
NTP, DNS, TFTP (for PXE), etc., are all things that might get returned
by the DHCP server. Generally, if you are using DHCP, you just accept
those responses and use them because you assume that the network
administrator did the right thing and set them up.
> I propose to change this behavior:
> - the list of ntp-service should be kept in /etc/systemd/timesyncd.conf
> - the customization of ntp-servers should be independent from the network
> inferface configuration.
>
It seems to me that if you are using static settings for your network,
then you would also have static (or user-supplied) settings for NTP and
DNS. But if you are using DHCP for the network, it would make sense to
use the NTP and DNS settings supplied by the DHCP server.
Now it might also be nice to have some reasonable defaults for NTP
servers. It is not uncommon to have IP gateways also be NTP servers, so
it might be reasonable to attempt to use the gateway as an NTP server if
none was specified in the DHCP response. I don't like the idea of
setting the default NTP server to be something that is globally
addressable because that makes the assumption that the BMC can reach
global networks, which should not be the case.
--Vernon
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-26 17:23 ` Vernon Mauery
@ 2019-08-27 5:58 ` Ratan Gupta
2019-08-27 7:43 ` Alexander A. Filippov
0 siblings, 1 reply; 8+ messages in thread
From: Ratan Gupta @ 2019-08-27 5:58 UTC (permalink / raw)
To: openbmc
[-- Attachment #1: Type: text/plain, Size: 3264 bytes --]
On 26/08/19 10:53 PM, Vernon Mauery wrote:
> On 26-Aug-2019 07:25 PM, Alexander A. Filippov wrote:
>> Our customers complain that they can't set custom ntp while dhcp is enabled on
>> bmc network interface.
>>
>> I found out that the phosphor-networkd doesn't allow it in fact and it awaits
>> the list of ntp-servers in response from dhcp server. When BMC is configured
>> with a static IP address phosphor-networkd keep a list of ntp-service in the
>> configuration file of the network interface. In my opinion it is wrong.
Why this is wrong, Following are the rules for adding the NTP servers
The NTP server to be used will be determined using the following rules:
* Any per-interface NTP servers obtained
from|systemd-networkd.service(8)|configuration or via DHCP take
precedence.
* The NTP servers defined in|/etc/systemd/timesyncd.conf|will be
appended to the per-interface list at runtime and the daemon will
contact the servers in turn until one is found that responds.
* If no NTP server information is acquired after completing those
steps, the NTP server host names or IP addresses defined
in|FallbackNTP=|will be used
I don't see a problem in adding the NTP servers in the networkd.conf,
Spec also suggest the same.
https://wiki.archlinux.org/index.php/systemd-timesyncd
Administrator may/not configure the DHCP server with NTP servers, To
make it simple we put a check that if DHCP is enabled then don't allow
the NTP server configuration.
If we have a scenario where DHCP server is configured as "Don't send the
NTP Server" and we want the NTP server we have two ways
=> Either ask the admin to make the changes in the DHCP server to supply
the NTP server.
=> We may allow the NTP server configuration even if the interface mode
is DHCP.
> This is pretty common behavior for DHCP settings. The DHCP server can
> respond with all sorts of settings beyond just the ip/netmask/gateway.
> NTP, DNS, TFTP (for PXE), etc., are all things that might get returned
> by the DHCP server. Generally, if you are using DHCP, you just accept
> those responses and use them because you assume that the network
> administrator did the right thing and set them up.
I agree with vernon and that was the intention behind the
>
>> I propose to change this behavior:
>> - the list of ntp-service should be kept in /etc/systemd/timesyncd.conf
>> - the customization of ntp-servers should be independent from the network
>> inferface configuration.
>>
> It seems to me that if you are using static settings for your network,
> then you would also have static (or user-supplied) settings for NTP and
> DNS. But if you are using DHCP for the network, it would make sense to
> use the NTP and DNS settings supplied by the DHCP server.
>
> Now it might also be nice to have some reasonable defaults for NTP
> servers. It is not uncommon to have IP gateways also be NTP servers, so
> it might be reasonable to attempt to use the gateway as an NTP server if
> none was specified in the DHCP response. I don't like the idea of
> setting the default NTP server to be something that is globally
> addressable because that makes the assumption that the BMC can reach
> global networks, which should not be the case.
>
> --Vernon
[-- Attachment #2: Type: text/html, Size: 6165 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-27 5:58 ` Ratan Gupta
@ 2019-08-27 7:43 ` Alexander A. Filippov
2019-08-27 10:32 ` Ratan Gupta
0 siblings, 1 reply; 8+ messages in thread
From: Alexander A. Filippov @ 2019-08-27 7:43 UTC (permalink / raw)
To: openbmc
On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
> This is pretty common behavior for DHCP settings.
On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
> Why this is wrong,
Ok, ok. I wasn't clear enough. My appologies.
I've meant that the impossibility to add a custom ntp server while dhcp is
enabled is wrong. Of course, the list of ntp servers received from DHCP-server
must be used. And I propose to move only manual settings.
I believe that it is a same stuff with DNS-servers, routes. But probably, the
BMC is not such kind of devices which is required such deep settings. One of the
possible reasons was specified by Vernon quoted below:
On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
> It seems to me that if you are using static settings for your network,
> then you would also have static (or user-supplied) settings for NTP and
> DNS. But if you are using DHCP for the network, it would make sense to
> use the NTP and DNS settings supplied by the DHCP server.
>
> Now it might also be nice to have some reasonable defaults for NTP
> servers. It is not uncommon to have IP gateways also be NTP servers, so
> it might be reasonable to attempt to use the gateway as an NTP server if
> none was specified in the DHCP response. I don't like the idea of
> setting the default NTP server to be something that is globally
> addressable because that makes the assumption that the BMC can reach
> global networks, which should not be the case.
On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
> * The NTP servers defined in|/etc/systemd/timesyncd.conf|will be
> appended to the per-interface list at runtime and the daemon will
> contact the servers in turn until one is found that responds.
So, my propose is to implement this point.
Regards,
Alexander
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-27 7:43 ` Alexander A. Filippov
@ 2019-08-27 10:32 ` Ratan Gupta
2019-08-27 14:52 ` Johnathan Mantey
2019-08-27 15:14 ` Alexander Amelkin
0 siblings, 2 replies; 8+ messages in thread
From: Ratan Gupta @ 2019-08-27 10:32 UTC (permalink / raw)
To: openbmc
[-- Attachment #1: Type: text/plain, Size: 3030 bytes --]
On 27/08/19 1:13 PM, Alexander A. Filippov wrote:
> On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
>> This is pretty common behavior for DHCP settings.
>
> On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
>> Why this is wrong,
> Ok, ok. I wasn't clear enough. My appologies.
>
> I've meant that the impossibility to add a custom ntp server while dhcp is
> enabled is wrong. Of course, the list of ntp servers received from DHCP-server
> must be used. And I propose to move only manual settings.
>
> I believe that it is a same stuff with DNS-servers, routes. But probably, the
> BMC is not such kind of devices which is required such deep settings. One of the
> possible reasons was specified by Vernon quoted below:
>
> On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
>> It seems to me that if you are using static settings for your network,
>> then you would also have static (or user-supplied) settings for NTP and
>> DNS. But if you are using DHCP for the network, it would make sense to
>> use the NTP and DNS settings supplied by the DHCP server.
>>
>> Now it might also be nice to have some reasonable defaults for NTP
>> servers. It is not uncommon to have IP gateways also be NTP servers, so
>> it might be reasonable to attempt to use the gateway as an NTP server if
>> none was specified in the DHCP response. I don't like the idea of
>> setting the default NTP server to be something that is globally
>> addressable because that makes the assumption that the BMC can reach
>> global networks, which should not be the case.
I have the following suggestion
=> By default all the DHCP optional parameters will be set to false(i.e
Don't ask the optional info from the DHCP server) => If users wants the
DHCP provided configuration then it has to set the specific optional
parameters to true(Say NTPEnabled=true). => User configures the Static
NTP => Check if DHCP is enabled then look for the DHCP configuration
parameters, if "NTP Enabled is true"
then user wants the NTP server from the DHCP and in that case don't
allow the static configuration.
=> if DHCP is enabled but in DHCP configuration parameters "NTP Enabled
is false"
then user doesn't want the NTP server from the DHCP and allow the static
configuration.
Link:
https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Network/DHCPConfiguration.interface.yaml
Note: It may happen that user has set DHCP Configuration parameters on
the BMC to take the NTP server details from the
DHCP server but have not configured the DHCP server to provide the NTP
server, in that case
Static NTP server configuration will not be allowed.
>
> On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
>> * The NTP servers defined in|/etc/systemd/timesyncd.conf|will be
>> appended to the per-interface list at runtime and the daemon will
>> contact the servers in turn until one is found that responds.
> So, my propose is to implement this point.
>
> Regards,
> Alexander
>
[-- Attachment #2: Type: text/html, Size: 8293 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-27 10:32 ` Ratan Gupta
@ 2019-08-27 14:52 ` Johnathan Mantey
2019-08-28 8:41 ` Alexander A. Filippov
2019-08-27 15:14 ` Alexander Amelkin
1 sibling, 1 reply; 8+ messages in thread
From: Johnathan Mantey @ 2019-08-27 14:52 UTC (permalink / raw)
To: Ratan Gupta, openbmc
[-- Attachment #1.1.1: Type: text/plain, Size: 4171 bytes --]
Ratan, Alexander,
I've pushed code to improve DHCP recently which may be of value in this
instance.
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-dbus-interfaces/+/24665
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-networkd/+/24666
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/24725
This implements a greater set of control over the DHCP from Redfish. I
believe I tested using DHCP, while UseNTPServers = false was active. I
then explicitly defined a static NTP server from one of the Intel
chimers. I was able to get my clock updated from the assigned NTP
server. Prior to this change NTP requests to the google chimers went
unanswered, as our BMC network can't get to the internet.
On 8/27/19 3:32 AM, Ratan Gupta wrote:
> On 27/08/19 1:13 PM, Alexander A. Filippov wrote:
>> On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
>>> This is pretty common behavior for DHCP settings.
>> On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
>>> Why this is wrong,
>> Ok, ok. I wasn't clear enough. My appologies.
>>
>> I've meant that the impossibility to add a custom ntp server while dhcp is
>> enabled is wrong. Of course, the list of ntp servers received from DHCP-server
>> must be used. And I propose to move only manual settings.
>>
>> I believe that it is a same stuff with DNS-servers, routes. But probably, the
>> BMC is not such kind of devices which is required such deep settings. One of the
>> possible reasons was specified by Vernon quoted below:
>>
>> On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
>>> It seems to me that if you are using static settings for your network,
>>> then you would also have static (or user-supplied) settings for NTP and
>>> DNS. But if you are using DHCP for the network, it would make sense to
>>> use the NTP and DNS settings supplied by the DHCP server.
>>>
>>> Now it might also be nice to have some reasonable defaults for NTP
>>> servers. It is not uncommon to have IP gateways also be NTP servers, so
>>> it might be reasonable to attempt to use the gateway as an NTP server if
>>> none was specified in the DHCP response. I don't like the idea of
>>> setting the default NTP server to be something that is globally
>>> addressable because that makes the assumption that the BMC can reach
>>> global networks, which should not be the case.
> I have the following suggestion
>
>
> => By default all the DHCP optional parameters will be set to
> false(i.e Don't ask the optional info from the DHCP server) => If
> users wants the DHCP provided configuration then it has to set the
> specific optional parameters to true(Say NTPEnabled=true). => User
> configures the Static NTP => Check if DHCP is enabled then look for
> the DHCP configuration parameters, if "NTP Enabled is true"
> then user wants the NTP server from the DHCP and in that case don't
> allow the static configuration.
> => if DHCP is enabled but in DHCP configuration parameters "NTP
> Enabled is false"
> then user doesn't want the NTP server from the DHCP and allow the
> static configuration.
>
> Link:
> https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Network/DHCPConfiguration.interface.yaml
>
> Note: It may happen that user has set DHCP Configuration parameters on
> the BMC to take the NTP server details from the
> DHCP server but have not configured the DHCP server to provide the NTP
> server, in that case
> Static NTP server configuration will not be allowed.
>> On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
>>> * The NTP servers defined in|/etc/systemd/timesyncd.conf|will be
>>> appended to the per-interface list at runtime and the daemon will
>>> contact the servers in turn until one is found that responds.
>> So, my propose is to implement this point.
>>
>> Regards,
>> Alexander
>>
--
Johnathan Mantey
Senior Software Engineer
*azad te**chnology partners*
Contributing to Technology Innovation since 1992
Phone: (503) 712-6764
Email: johnathanx.mantey@intel.com <mailto:johnathanx.mantey@intel.com>
[-- Attachment #1.1.2: Type: text/html, Size: 10772 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-27 10:32 ` Ratan Gupta
2019-08-27 14:52 ` Johnathan Mantey
@ 2019-08-27 15:14 ` Alexander Amelkin
1 sibling, 0 replies; 8+ messages in thread
From: Alexander Amelkin @ 2019-08-27 15:14 UTC (permalink / raw)
To: openbmc
[-- Attachment #1.1.1: Type: text/plain, Size: 3390 bytes --]
27.08.2019 13:32, Ratan Gupta wrote:
> On 27/08/19 1:13 PM, Alexander A. Filippov wrote:
>> On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
>>> This is pretty common behavior for DHCP settings.
>> On Tue, Aug 27, 2019 at 11:28:36AM +0530, Ratan Gupta wrote:
>>> Why this is wrong,
>> Ok, ok. I wasn't clear enough. My appologies.
>>
>> I've meant that the impossibility to add a custom ntp server while dhcp is
>> enabled is wrong. Of course, the list of ntp servers received from DHCP-server
>> must be used. And I propose to move only manual settings.
>>
>> I believe that it is a same stuff with DNS-servers, routes. But probably, the
>> BMC is not such kind of devices which is required such deep settings. One of the
>> possible reasons was specified by Vernon quoted below:
>>
>> On Mon, Aug 26, 2019 at 10:23:15AM -0700, Vernon Mauery wrote:
>>> It seems to me that if you are using static settings for your network,
>>> then you would also have static (or user-supplied) settings for NTP and
>>> DNS. But if you are using DHCP for the network, it would make sense to
>>> use the NTP and DNS settings supplied by the DHCP server.
>>>
>>> Now it might also be nice to have some reasonable defaults for NTP
>>> servers. It is not uncommon to have IP gateways also be NTP servers, so
>>> it might be reasonable to attempt to use the gateway as an NTP server if
>>> none was specified in the DHCP response. I don't like the idea of
>>> setting the default NTP server to be something that is globally
>>> addressable because that makes the assumption that the BMC can reach
>>> global networks, which should not be the case.
> I have the following suggestion
>
>
> => By default all the DHCP optional parameters will be set to false(i.e Don't
> ask the optional info from the DHCP server) => If users wants the DHCP
> provided configuration then it has to set the specific optional parameters to
> true(Say NTPEnabled=true).
I'd say that sysadmins won't be happy with this approach. If I were them I'd
prefer this:
1. If DHCP is globally enabled for the BMC and the DHCP server sends any
parameters, then they take precedence
2. If any of the optional parameters are not provided by DHCP server or DHCP is
globally disabled for the BMC, then statically defined settings are used
IMO, that is a very simple and deterministic approach without any
easy-to-overlook settings.
> => User configures the Static NTP => Check if DHCP is enabled then look for
> the DHCP configuration parameters, if "NTP Enabled is true"
> then user wants the NTP server from the DHCP and in that case don't allow the
> static configuration.
> => if DHCP is enabled but in DHCP configuration parameters "NTP Enabled is false"
> then user doesn't want the NTP server from the DHCP and allow the static
> configuration.
>
> Link:
> https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Network/DHCPConfiguration.interface.yaml
>
> Note: It may happen that user has set DHCP Configuration parameters on the BMC
> to take the NTP server details from the
> DHCP server but have not configured the DHCP server to provide the NTP server,
> in that case
> Static NTP server configuration will not be allowed.
With best regards,
Alexander Amelkin,
BIOS/BMC Team Lead, YADRO
https://yadro.com
[-- Attachment #1.1.2: Type: text/html, Size: 9405 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: custom ntp server in phosphor-networkd
2019-08-27 14:52 ` Johnathan Mantey
@ 2019-08-28 8:41 ` Alexander A. Filippov
0 siblings, 0 replies; 8+ messages in thread
From: Alexander A. Filippov @ 2019-08-28 8:41 UTC (permalink / raw)
To: openbmc
On Tue, Aug 27, 2019 at 07:52:12AM -0700, Johnathan Mantey wrote:
> Ratan, Alexander,
>
> I've pushed code to improve DHCP recently which may be of value in this
> instance.
>
> https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-dbus-interfaces/+/24665
> https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-networkd/+/24666
> https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/24725
>
> This implements a greater set of control over the DHCP from Redfish. I
> believe I tested using DHCP, while UseNTPServers = false was active. I
> then explicitly defined a static NTP server from one of the Intel
> chimers. I was able to get my clock updated from the assigned NTP
> server. Prior to this change NTP requests to the google chimers went
> unanswered, as our BMC network can't get to the internet.
>
Thanks Johnathan, it looks like a solution for the issue.
Regards,
Alexander
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2019-08-28 8:41 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-26 16:25 custom ntp server in phosphor-networkd Alexander A. Filippov
2019-08-26 17:23 ` Vernon Mauery
2019-08-27 5:58 ` Ratan Gupta
2019-08-27 7:43 ` Alexander A. Filippov
2019-08-27 10:32 ` Ratan Gupta
2019-08-27 14:52 ` Johnathan Mantey
2019-08-28 8:41 ` Alexander A. Filippov
2019-08-27 15:14 ` Alexander Amelkin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.