nanog mailing list archives
Re: OpenNTPProject.org
From: Blake Dunlap <ikiris () gmail com>
Date: Mon, 17 Feb 2014 10:02:35 -0600
If you're trying to actually run a ntp server setup as opposed to just trusting the world, I strongly suggest reading the documentation for the service, as most people don't deploy it correctly while they think they have. At minimum, you want a cluster of 3 - 4 servers internally, configured as peers of each other, and listening to some source of time, preferably multiple like a few on the internet from the big public pool, and if you really care about time, set up a GPS receiver or two. You can definitely go farther than the above, but that's the start to doing it right. Anything short of the above is just trusting the world at large, and you'll likely happily follow along with any time skew like that thing a few months/year ago with either tick or tock. Without the above, you don't have enough sane sources to discredit bad advisers (you need 3 for a time lock). -Blake On Mon, Feb 17, 2014 at 9:38 AM, Anthony Williams <alby.williams () verizon com
wrote:
Blake: Just to make sure I've got this down, listing a device as a "peer" in the ntp.conf file will create a situation where both devices are saying, "I know what time it is" and splitting the difference? Whereas when you list a device as a "server", it's using that as the authority on the correct time? Example: -- # peer 192.168.1.1 iburst peer 192.168.1.2 iburst # server ntp.colby.edu minpoll 6 maxpoll 10 iburst server bonehed.lcs.mit.edu minpoll 6 maxpoll 10 iburst On 2/17/2014 10:28 AM, Blake Dunlap wrote:Peer means it considers the other side an equal and they will mutuallyskewtime together. If you have peer on for devices you don't consider yourtimeservers, you're opening yourself up to problems. -Blake
Current thread:
- Re: OpenNTPProject.org Pete Ashdown (Feb 16)
- Re: OpenNTPProject.org Pete Ashdown (Feb 16)
- Re: OpenNTPProject.org Brian Rak (Feb 16)
- RE: OpenNTPProject.org Kate Gerry (Feb 16)
- Re: OpenNTPProject.org James R Cutler (Feb 16)
- Re: OpenNTPProject.org George, Wes (Feb 17)
- Re: OpenNTPProject.org Pete Ashdown (Feb 17)
- Re: OpenNTPProject.org Blake Dunlap (Feb 17)
- Re: OpenNTPProject.org Anthony Williams (Feb 17)
- Re: OpenNTPProject.org James R Cutler (Feb 17)
- Re: OpenNTPProject.org Blake Dunlap (Feb 17)
- RE: OpenNTPProject.org Mike Walter (Feb 18)
- RE: OpenNTPProject.org Kate Gerry (Feb 16)
- Re: OpenNTPProject.org Dobbins, Roland (Feb 17)
- Re: OpenNTPProject.org Paul S. (Feb 17)
- Re: OpenNTPProject.org Harlan Stenn (Feb 17)
- Re: OpenNTPProject.org Lyndon Nerenberg (Feb 16)
- Re: OpenNTPProject.org Christopher Morrow (Feb 16)
- Re: OpenNTPProject.org Lyndon Nerenberg (Feb 16)
- Re: OpenNTPProject.org Mark Tinka (Feb 16)
- Re: OpenNTPProject.org Christopher Morrow (Feb 16)