nanog mailing list archives

Re: NTP Issues Today

From: Ask Bjørn Hansen <ask () develooper com>
Date: Wed, 21 Nov 2012 14:06:16 -0800


On Nov 20, 2012, at 13:00, Darius Jahandarie <djahandarie () gmail com> wrote:

Hi everyone,

I run the NTP Pool system - http://www.pool.ntp.org/ - so I have some opinions on some of this. :-)

But beyond that, I'm honestly rather curious what server selections
are a good idea. A first thought would be an adjacent country, but
maybe there is a benefit to picking things outside of the pool.ntp.org
selection entirely?


First of all: None of the ~3800 servers in the NTP Pool system were affected by this as far as I can tell from the 
(copious) monitoring data.

The big benefit to adding some non-pool servers is that you wouldn't be depending basically on a bunch of volunteers 
(and to a large extent me) for your time keeping. Though likely you'd just be depending on another group of volunteers.

In addition to depending on the server operators who run the ntpd servers you also depend on:

1) The monitoring system keeping accurate time.
2) The monitoring system does its job catching bad servers.
3) The process updating and distributing the DNS data working.
4) The DNS servers working (and not being under a DoS attack or similar).
5) Anything I haven't thought of!

Empirically I believe we've done a better job than just about anyone with a similar scale, but past performance is no 
promise of the future.

I see that Jared used *.fedora.pool.ntp.org -- I wonder if there was a
specific reason for that or if my questions are even worth thinking
about at all :-).



The servers for x.fedora.pool.ntp.org are in the same "group" as x.pool.ntp.org.  If you are in a country with many 
servers in the pool then you'll very likely get different IPs for the two. If you are in a country with few servers 
your odds for that aren't so good and it'd be a bit pointless.

Anyone using the NTP Pool in a default configuration (like Fedora does) must get a "vendor zone" setup - 
http://www.pool.ntp.org/en/vendors.html - so we have at least a little bit of a chance to monitor and mitigate problems.

It also allows us to change what servers are selected, how many IPs are returned etc for a particular vendor.  For 
example if Fedora in the future changes to use 'pool' instead of 'server' in the configuration we could optimize for 
that.


Ask

-- 
http://askask.com/

Current thread:

Re: NTP Issues Today, (continued)
- - - Re: NTP Issues Today Jay Ashworth (Nov 20)
    - Re: NTP Issues Today Jared Mauch (Nov 20)
    - Re: NTP Issues Today George Herbert (Nov 20)
    - Re: NTP Issues Today Leo Bicknell (Nov 20)
    - Re: NTP Issues Today Darius Jahandarie (Nov 20)
    - Re: NTP Issues Today Mike Lyon (Nov 20)
    - Re: NTP Issues Today Jared Mauch (Nov 20)
    - Picking outside NTP servers (Re: NTP Issues Today) Jay Ashworth (Nov 20)
    - Re: Picking outside NTP servers (Re: NTP Issues Today) George Herbert (Nov 20)
    - Re: Picking outside NTP servers (Re: NTP Issues Today) Majdi S. Abbas (Nov 20)
    - Re: NTP Issues Today Ask Bjørn Hansen (Nov 21)
- Re: NTP Issues Today Jimmy Hess (Nov 20)
  - Re: NTP Issues Today Darius Jahandarie (Nov 20)
    - Re: NTP Issues Today Blake Dunlap (Nov 20)
    - Re: NTP Issues Today George Herbert (Nov 20)
    - Re: NTP Issues Today Robert E. Seastrom (Nov 21)
  - Re: NTP Issues Today Damian Menscher (Nov 20)
  - Re: NTP Issues Today Alvaro Pereira (Nov 20)
  - RE: NTP Issues Today Chuck Church (Nov 21)
    - Re: NTP Issues Today Greg Ihnen (Nov 21)
- Re: NTP Issues Today Scott Weeks (Nov 19)

(Thread continues...)