Purpose of creating Vendor Zones

Is there any advantage that the vendors gain by creating their own vendor zones and how exactly does this help the entire community?

I’m not sure I completely understand the purpose behind creating these zones. I mean I understand why a contribution should be taken from vendors who intend to use community ntp servers in their distributions or devices, but other than keeping a track of vendor wise requests and enabling the pool maintainers to collect a fee from the vendors, are there any other upsides to creating these zones both from the perspective of the vendors as well as the community in general ?

Thanks in advance :slight_smile:

One of the main benefits is that if they DDoS the pool, the vendor zone can be disabled to cut them off.

Another one is that it sets up contact and a relationship so that they can be given an explanation about not DDoSing the pool, and if they accidentally do it anyway, they can be asked to stop.

(As you can see, I’m not an expert at PR or sales. :wink:)

3 Likes

Yes, there have been ‘issues’ in the past where an update to a device / app had a bug and created an unintentional flood in traffic.

Using a vendor pool also allows both the vendor and the pool maintainer ( @ask ) to know how much traffic they are generating.

Also depending on where the product is located, the vendor pool can be tailored to to a continent, or country (or countries)…

1 Like

Also means that a vendor who does unintentionally DDoS the pool can spin up servers to take over the load for their own devices, and remove that traffic from the public pool completely, without needing to reconfigure potentially millions of devices which may not be vendor-configurable once deployed in the wild.

1 Like

So just to clarify, does it mean that when a vendor zone is created, a dedicated set of servers is assigned to the zone or does the normal server selection criteria(based on the geographic location + round robin) hold for the vendor zones ?

Only @Ask could definitively answer that. You could probably look over the pool / dns code (it’s on Github) to find out.

However, I don’t believe any serves are ‘dedicated’ to vendor zones. Instead, the vendor zone is just an overlay that pulls its selection from specified other zones (likely just ‘global’).

2 Likes

Yes, that’s correct. There are some options for vendor zones to work differently (IPv6 support, filtering certain servers, etc) that I’ve been working on adding.

The original intention was to have a way to protect the rest of the pool from vendors with poorly behaved devices.

However it turns out that the vendors who follow the process to sign up for a zone generally are thoughtful about all this (more or less; part of the process is often to talk to them about how to use the pool appropriately). This means in reality it’s more likely that during problems what we can do is protect the people who went through the process from whoever else is doing something stupid.

Anyway, yes – that’s the point: be able to help vendors better manage how they use the pool and give us a few more tools to manage the overall load.

For example during the event a couple years ago when an app developer put some terrible NTP code into their app and put huge load on a few country zones, we could mitigate by having those zones work differently. Having the vendor zones have also helped get some vendors to fix their code so they wouldn’t poll at the top of the hour, etc (which is still a big problem, but mostly on the “default” zone names).

Some of the next updates to the site will be to make the vendor zone setup a bit more sophisticated (and more automated!) which will make it more possible to proceed with other changes (IPv6 support, a more nuanced scoring system, etc).

Are vendor zones still alive? I’ve had a request for one since September 2018 with not even a whisper of a reply to anything.

Sometimes you have to ping @Ask a few times as he’s usually traveling for work. Have you sent any follow up emails to ask@develooper.com ?

I’ve asked again … here’s hoping that this time we’ll get it registered.