On 2025/10/21 15:33, Theo de Raadt wrote:
> David Hill <dhill@mindcry.org> wrote:
> 
> > This diff adds DSCP EF for ipv6 ntp packets, and switches ipv4 to it
> > as well.  This also matches
> > https://github.com/ntp-project/ntp/blob/8a37f9b66d374b164531f0189caba4cbfd68bb61/ntpd/ntp_io.c#L79
> 
> I don't actually believe this is a good idea.
> 
> If other services on a path abuse the EF tag, that could lead to packets
> being dropped by a router.  And could have more negative impacts upon
> ntp communication than the positive effects being theorized (which I
> suspect are marginal).  I do not think ntp traffic, in particular
> relating to openntpd on openbsd machines, are sensitive enough to be
> improved by this tweak, but are more likely harmed by traffic losses.
> 
> 

oh, this is UDP of course, it wouldn't be a huge surprise if some
networks put tougher policing on it than TCP...

will be interesting to see how this goes with ntpd (though I guess
it's not that a big player now - chrony and systemd-timesync are
probably more important now - chrony allows setting codepoints
but doesn't do it by dsfault - systemd-timesync does set by default
and... https://github.com/systemd/systemd/issues/37403