nanog mailing list archives
Re: NIST NTP servers
From: Leo Bicknell <bicknell () ufp org>
Date: Tue, 10 May 2016 08:22:19 -0700
In a message written on Mon, May 09, 2016 at 11:01:23PM -0400, b f wrote:
In search of stable, disparate stratum 1 NTP sources.
http://wpollock.com/AUnix2/NTPstratum1PublicServers.htm
We tried using “time.nist.gov” which returns varying round-robin addresses (as the link says), but Cisco IOS resolved the FQDN and embedded the numeric address in the “ntp server” config statement.
Depending on your hardware platform your Cisco Router is likely not a great NTP server. IOS is not designed for hyper-accuracy.
After letting the new server config go through a few days of update cycles, the drift, offset and reachability stats are not anywhere as good as what the stats for the Navy time server are - 192.5.41.41 / tock.usno.navy.mil.
The correct answer here is to run multiple NTP servers in your network. And by servers I mean real servers, with good quality oscellators on the motherboard. Then configure them to talk to _many_ sources. You need 4 sources of time minimum to redundantly detect false tickers. If you're serious about it then find ~10 Stratum 1 sources (ideally authenticated and from trusted entities), one of which could be GPS as several have suggested. You'll then have high quality false ticker rejection. Configure all of your devices to get NTP from the servers you run using authentication. -- Leo Bicknell - bicknell () ufp org PGP keys at http://www.ufp.org/~bicknell/
Attachment:
_bin
Description:
Current thread:
- Re: NIST NTP servers, (continued)
- Re: NIST NTP servers Chuck Anderson (May 13)
- Re: NIST NTP servers Sharon Goldberg (May 13)
- RE: NIST NTP servers John Souvestre (May 12)
- Re: NIST NTP servers Chris Adams (May 12)
- RE: NIST NTP servers John Souvestre (May 12)
- RE: NIST NTP servers Chuck Church (May 11)
- Re: NIST NTP servers George Herbert (May 12)
- RE: NIST NTP servers Allan Liska (May 11)
- RE: NIST NTP servers Chuck Church (May 10)
- Re: NIST NTP servers Mike (May 10)
- Re: NIST NTP servers Laszlo Hanyecz (May 10)
- Re: NIST NTP servers Harlan Stenn (May 10)
- Re: NIST NTP servers Jared Mauch (May 10)
- Re: NIST NTP servers Gary E. Miller (May 10)
- Re: NIST NTP servers Jared Mauch (May 10)
- Re: NIST NTP servers Mel Beckman (May 10)
- Re: NIST NTP servers Chris Adams (May 10)
- Re: NIST NTP servers Mel Beckman (May 10)
- Re: NIST NTP servers Roland Dobbins (May 10)