nanog mailing list archives

Re: NTP question


From: James R Cutler <james.cutler () consultant com>
Date: Thu, 2 May 2019 12:13:55 -0400

On May 2, 2019, at 10:59 AM, William Herrin <bill () herrin us> wrote:

On Wed, May 1, 2019 at 7:03 PM Harlan Stenn <stenn () nwtime org> wrote:
It's not clear to me that there's anything *wrong* with using the pool,
especially if you're using our 'pool' directive in your config file.

The one time I relied on the pool I lost sync a year later when all three servers the configuration picked withdrew 
time services and the still-running ntp client didn't return to the names to find new ones. Wonderful if that's fixed 
now but the pool folks argued just as strongly for using it back then.

Also, telling the security auditor that you have no idea who supplies your time source is pretty much a non-starter. 
You can convince them of a lot of things but you can't convince them it's OK to have no idea where critical services 
come from.

That's what's wrong with the pool. 

Regards,
Bill Herrin


-- 
William Herrin ................ herrin () dirtside com  bill () herrin us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

I have only ever used the pool as a supplement to other servers. Here is a snippet from ntp.conf that was found in the 
bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard.' *

#       External Time Synchronization Source Servers
#
server  tick.usno.navy.mil                      # open access
server  time.apple.com                          # open access
server  Time1.Stupi.SE                          # open access
server  ntps1-0.uni-erlangen.de                 # open access
server  0.pool.ntp.org                          # open access
server  1.pool.ntp.org                          # open access
server  2.pool.ntp.org                          # open access
server  nist1-nj2-ustiming.org                  # open access
server  nist1-chi-ustiming.org                  # open access
server  nist1-pa-ustiming.org                   # open access
#

I have not kept up with pool changes since then.

*Apologies to Douglas Adams
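
An added example, not part of the original message or of ntpd: a small Python audit of an ntp.conf for the two concerns raised in this thread. It separates pool names configured through `server` (the case Bill Herrin describes, where the addresses picked at startup are kept) from the `pool` directive Harlan Stenn mentions, and lists the sources an operator can name to an auditor. Function names and report keys are hypothetical; the sample input is the snippet quoted above, and the behaviour noted in the comments assumes an ntpd version that supports the `pool` directive.

```python
import re

# Constructed sample: the ntp.conf lines quoted in the message above.
SAMPLE_CONF = """\
#       External Time Synchronization Source Servers
#
server  tick.usno.navy.mil                      # open access
server  time.apple.com                          # open access
server  Time1.Stupi.SE                          # open access
server  ntps1-0.uni-erlangen.de                 # open access
server  0.pool.ntp.org                          # open access
server  1.pool.ntp.org                          # open access
server  2.pool.ntp.org                          # open access
server  nist1-nj2-ustiming.org                  # open access
server  nist1-chi-ustiming.org                  # open access
server  nist1-pa-ustiming.org                   # open access
#
"""

# Hostnames inside the pool.ntp.org zone (0.pool.ntp.org, us.pool.ntp.org, ...).
POOL_ZONE = re.compile(r"(^|\.)pool\.ntp\.org\.?$", re.IGNORECASE)

def parse_sources(conf_text):
    """Return (directive, host) pairs for server/pool/peer lines, ignoring comments."""
    sources = []
    for raw in conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0].lower() in ("server", "pool", "peer"):
            sources.append((fields[0].lower(), fields[1]))
    return sources

def audit(conf_text):
    """Group time sources by how ntpd will treat them (hypothetical report keys)."""
    report = {"named": [], "pool_directive": [], "pool_via_server": []}
    for directive, host in parse_sources(conf_text):
        if directive == "pool":
            # Assumption: ntpd looks the name up again when it needs more sources.
            report["pool_directive"].append(host)
        elif POOL_ZONE.search(host):
            # One address resolved at startup; not refreshed if it withdraws service.
            report["pool_via_server"].append(host)
        else:
            report["named"].append(host)  # a source the operator can identify
    return report

if __name__ == "__main__":
    for key, hosts in audit(SAMPLE_CONF).items():
        print(f"{key}: {len(hosts)} {hosts}")
```
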
