On 2025/10/21 15:55, Theo de Raadt wrote:
> Stuart Henderson <stu@spacehopper.org> wrote:
> 
> > On 2025/10/21 15:33, Theo de Raadt wrote:
> > > David Hill <dhill@mindcry.org> wrote:
> > > 
> > > > This diff adds DSCP EF for ipv6 ntp packets, and switches ipv4 to it
> > > > as well.  This also matches
> > > > https://github.com/ntp-project/ntp/blob/8a37f9b66d374b164531f0189caba4cbfd68bb61/ntpd/ntp_io.c#L79
> > > 
> > > I don't actually believe this is a good idea.
> > > 
> > > If other services on a path abuse the EF tag, that could lead to packets
> > > being dropped by a router.  And could have more negative impacts upon
> > > ntp communication than the positive effects being theorized (which I
> > > suspect are marginal).  I do not think ntp traffic, in particular
> > > relating to openntpd on openbsd machines, are sensitive enough to be
> > > improved by this tweak, but are more likely harmed by traffic losses.
> > > 
> > > 
> > 
> > oh, this is UDP of course, it wouldn't be a huge surprise if some
> > networks put tougher policing on it than TCP...
> 
> Yep.
> 
> > will be interesting to see how this goes with ntpd (though I guess
> > it's not that a big player now - chrony and systemd-timesync are
> > probably more important now - chrony allows setting codepoints
> > but doesn't do it by dsfault - systemd-timesync does set by default
> > and... https://github.com/systemd/systemd/issues/37403
> 
> On that last note, that looks a bit like a german name.

I was already writing a comment ;)