Cloudflare's roughtime broken?

cloudflare / roughtime

A secure clock-synchronization protocol for when rough is enough.

https://developers.cloudflare.com/time-services/roughtime/

Apache License 2.0

135 stars 29 forks source link

Cloudflare's roughtime broken? #7

Closed bluecmd closed 5 years ago

bluecmd commented 5 years ago

Not sure where to report this, but I'm having trouble interregating your roughtime server:

2018/10/02 21:47:43 Failed to get roughtime from roughtime.cloudflare.org:2002 (skipping): lookup roughtime.cloudflare.org on 8.8.8.8:53: server misbehaving

The first error can be an DNS error on my part, but it also doesn't work on my laptop:

[bluecmd]$ go/bin/getroughtime -ping roughtime.cloudflare.com:2002 -pubkey gD63hSj3ScS+wuOeGrubXlq35N1c5Lby/S+T7MNTjxo=
ping error: no reply
[bluecmd]$ ping roughtime.cloudflare.com
PING roughtime.cloudflare.com (104.19.195.151) 56(84) bytes of data.
64 bytes from 104.19.195.151: icmp_seq=1 ttl=58 time=7.79 ms
64 bytes from 104.19.195.151: icmp_seq=2 ttl=58 time=9.00 ms

Compare with:

[bluecmd]$ go/bin/getroughtime -ping roughtime.sandbox.google.com:2002 -pubkey etPaaIxcBMY1oUeGpwvPMCJMwlRVNxv51KK/tktoJTQ=
ping response: 2018-10-02 23:50:22.775003 +0200 CEST ±1s (in 70ms)

cjpatton commented 5 years ago

Seems to be working fine for me. Do you know what point-of-presence your're hitting?

$ curl https://cloudflare.com/cdn-cgi/trace
fl=27f49
h=cloudflare.com
ip=128.227.227.104
ts=1538519304.515
visit_scheme=https
uag=curl/7.58.0
colo=ATL
spdy=h2
http=h2
loc=US
tls=TLSv1.2
sni=plaintext

colo=ATL means I'm hitting Cloudflare's location in Atlanta, Georgia, USA and my IP is 128.227.227.104.

(Note that you appear to be attempting to resolve roughtime.cloudflare.org, not sure if that's a typo or not. It should roughtime.cloudflare.com.)

bluecmd commented 5 years ago

Re: org/com - yes! That's indeed a typo. That explains why I get the DNS error - good catch!

Anyway, from laptop (which does not have the typo it seems) I get:


[bluecmd]$ curl https://cloudflare.com/cdn-cgi/trace
fl=71f334
h=cloudflare.com
ip=77.109.172.142
ts=1538519832.743
visit_scheme=https
uag=curl/7.60.0
colo=FRA
spdy=h2
http=h2
loc=CH
tls=TLSv1.2
sni=plaintext

From a random server in Sweden it seems to be working fine:

[sfu-diz-gw]$ ./getroughtime -ping roughtime.cloudflare.com:2002 -pubkey gD63hSj3ScS+wuOeGrubXlq35N1c5Lby/S+T7MNTjxo=

ping response: 2018-10-03 00:40:11.313 +0200 CEST ±1s (in 105ms)
[sfu-diz-gw]$ curl  https://cloudflare.com/cdn-cgi/trace
fl=128f14
h=cloudflare.com
ip=146.66.235.77
ts=1538520041.049
visit_scheme=https
uag=curl/7.60.0
colo=ARN
spdy=h2
http=h2
loc=SE
tls=TLSv1.2
sni=plaintext

I guess at this point it could be my laptop as well, given that it was the DNS issue on the other thing.

cjpatton commented 5 years ago

Well I'm glad I could help :) Closing this, but please feel free to comment here if your issue persists.

bluecmd commented 5 years ago

Just tried at my work computer and it works from there. I wonder if it may be related to like UDP MTU or something? Anyway, it's definitely on my end :-)

Thanks for your help!