Firewall Wizards mailing list archives
Re: Acqusition of time
From: Kevin Steves <stevesk () pobox com>
Date: Thu, 30 Jan 2003 19:48:59 -0800
On Thu, Jan 30, 2003 at 09:24:00AM +0100, Ben Nagy wrote:
I could maybe be convinced that the "best" behaviour would be to start marking log entries somehow as soon as NTP sync got lost or the correction was larger than a few seconds, but I'm not sure it's anywhere near as serious as losing logging ability. (That said, how many people use PIXes that log via standard, lossy, syslog ? ;)
PIX will block if using TCP syslog and the log server dies. NTP is fairly new in PIX and I'm not sure if it blocks if it loses NTP peers/sync. Seems rather drastic. Regarding logging, IOS will indicate in logs when logging with timestamp (I think) whether time is not authoritative and if using NTP whether it's not synched. '*' and '.' before the time as I recall. Don't know offhand if PIX does that. But then, if you don't log, as discussed in the recent thread that died, it doesn't matter :) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Acqusition of time, (continued)
- RE: Acqusition of time Tina Bird (Jan 29)
- Re: Acqusition of time Volker Tanger (Jan 29)
- Re: RE: Acqusition of time Brian Monkman (Jan 29)
- Re: RE: Acqusition of time Paul D. Robertson (Jan 29)
- Re: RE: Acqusition of time Joseph S D Yao (Jan 30)
- Re: Acqusition of time Volker Tanger (Jan 29)
- Re: RE: Acqusition of time Paul D. Robertson (Jan 29)
- Re: Acqusition of time Brian Ford (Jan 29)
- Re: Acqusition of time Ben Nagy (Jan 30)
- Re: Acqusition of time Martin Peikert (Jan 30)
- Re: Acqusition of time Frank Knobbe (Jan 31)
- Re: Acqusition of time Kevin Steves (Jan 31)
- Re: Acqusition of time Ben Nagy (Jan 30)
- RE: Acqusition of time Reckhard, Tobias (Jan 31)
- Re: Acqusition of time Martin Peikert (Jan 31)