Re: NTP Server

[Steven Fischer <sfischer1967 () gmail com>]

James --

Well said.  I was going to submit the exact same thing.  This is what we we
do at my company and it works extremely well - we only use three stratum-1
time servers, and three internal servers to go get the time from the three
externals, via a one-to-one correspondence.  Once all three internals have
acquired the time from the three stratum-1 clocks, they all poll each other
for the average.  every host in the network is pointed to one of the three
internals.

On Sun, Oct 24, 2010 at 1:12 PM, Cutler James R <james.cutler () consultant com
> wrote:

> Time Service is more complicated than just having a single NTP server. But
> it can be useful and is not really a luxury.
>
> Two primary reasons for local time service are to reliably serve a network
> that is relatively or completely isolated from the general internet, and, to
> provide a local time source for "dumb" clients that is closer (less jitter)
> in network terms. Other reasons can include policy (everything in the
> network uses the same identical time service), policy (the time service is
> locally controlled), operational simplicity (the routers don't need to run
> NTP), and, separation of functions/operational responsibility (your run your
> servers, they run the backbone, I tell you the time.
>
> Implementing a local time service is actually fairly simple, but fewer than
> four servers is wasted effort.  I can't explain in just a few words how the
> servers interact and compute delays and jitter to come to an "accurate"
> time.  Take my word or ask David Mills for all that.
>
> Implementation of an internet-referenced time service involves the
> following:
> 1. Select a set of stratum one servers - pick open access servers or get
> permission to use limited access servers. Four to six should do.
> 2. Select a set local hosts on your network - DNS servers, for example.
> These should be well distributed. Four to six should do. The actual NTP load
> is small compared to DNS queries.
> 3. Configure the local hosts as peers using the stratum one set as servers.
> Use crypto authentication if you feel the need.
> 4. Add NTP monitoring to your network management process.
> 5. Advertise the local time servers to your network - DHCP, word of mouth,
> configuration requirements, configuration scripts, standard builds, etc.
>
> It is simple enough to do for a five node home network. It is almost that
> simple for a network with hundreds of thousands of client nodes. I've done
> both.
>
>
> On Oct 24, 2010, at 12:29 PM, Brandon Kim wrote:
>
> > I guess what I'm trying to understand is, is having your own NTP server
> just a luxury?
> > I personally would like to have my own, I just need to pitch its
> advantages to my company. Unless everyone here on the NANOG group
> > clearly spells it out to me that it's a luxury.
> >
> > I can see it as an added service/benefit though to our customers.....
> >
> >
> >
> > > Date: Sun, 24 Oct 2010 17:55:22 +0200
> > > From: eugen () leitl org
> > > To: nanog () nanog org
> > > Subject: Re: NTP Server
> > >
> > > On Mon, Oct 25, 2010 at 02:51:24AM +1100, Ben McGinnes wrote:
> > >
> > > > > How do you knew that your local NTP server knew what time it is?  (for
> sure)
> > > > By polling as many stratum 1 and 2 time servers as possible.  Having
> > > > your own stratum 2 server(s) beats nebulous NTP servers out in the big
> > > > bad Internet every time.
> > >
> > > For those you care about that:
> > >
> > > http://leapsecond.com/time-nuts.htm
> >                      =
>
> James R. Cutler
> james.cutler () consultant com


-- 
To him who is able to keep you from falling and to present you before his
glorious presence without fault and with great joy