nanog mailing list archives

Re: Need trusted NTP Sources


From: Jay Ashworth <jra () baylink com>
Date: Sat, 8 Feb 2014 19:43:36 -0500 (EST)

----- Original Message -----
From: "Saku Ytti" <saku () ytti fi>

On (2014-02-06 21:14 -0500), Jay Ashworth wrote:
My usual practice is to set up two in house servers, each of which
talks to:

And then point everyone in house to both of them, assuming they
accept multiple server names.

Two is the worst possible amount of NTP servers to have. Either one fails and your
timing is wrong, because you cannot vote out a false ticker. And the chance of either of
two failing is higher than one specific of them.

Fair point.

In practice, it never bit me because nearly everything that wanted NTP
would only accept one server name (being Windows), and the things that
*did* take more than one, I generally pointed to both internals, and
something outside the firewall as well.

In the architecture I described, though, is it really true that the odds
of the common types of failure are higher than with only one?

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274
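
The voting argument quoted above, as an added example that is not part of either poster's message: a simplified interval-intersection (Marzullo-style) vote showing that two disagreeing sources yield no majority, while a third lets the falseticker be identified. This is not ntpd's actual selection code; the server names, offsets and error bounds are constructed.

```python
# Added illustration: simplified majority vote over NTP correctness intervals.
# Not ntpd's implementation; all sample values below are constructed.

def select_truechimers(sources):
    """sources: {name: (offset_s, max_error_s)}.
    Returns (truechimers, falsetickers), or (None, None) when no strict
    majority of sources agree on a common interval."""
    # Each source claims true time lies in [offset - err, offset + err].
    edges = []
    for offset, err in sources.values():
        edges.append((offset - err, 0))  # start (sorts before an end at a tie)
        edges.append((offset + err, 1))  # end
    edges.sort()
    best, depth, lo, hi = 0, 0, None, None
    for i, (point, kind) in enumerate(edges):
        if kind == 0:
            depth += 1
            if depth > best:  # deepest overlap so far: [point, next edge]
                best, lo, hi = depth, point, edges[i + 1][0]
        else:
            depth -= 1
    if best * 2 <= len(sources):
        return None, None  # no strict majority: cannot tell who is wrong
    good = sorted(n for n, (o, e) in sources.items()
                  if o - e <= hi and o + e >= lo)
    bad = sorted(set(sources) - set(good))
    return good, bad

# Constructed samples: ntp2 has drifted 1.5 s; "ext" is an outside source.
TWO_AGREE = {"ntp1": (0.002, 0.010), "ntp2": (-0.003, 0.010)}
TWO_DISAGREE = {"ntp1": (0.002, 0.010), "ntp2": (1.500, 0.010)}
THREE = dict(TWO_DISAGREE, ext=(0.001, 0.020))

if __name__ == "__main__":
    for label, srcs in [("two, agreeing", TWO_AGREE),
                        ("two, disagreeing", TWO_DISAGREE),
                        ("three, one bad", THREE)]:
        print(label, "->", select_truechimers(srcs))
```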

