[SATLUG] ntp hosts (was tamu.edu)
brad at shub-internet.org
Mon Aug 4 13:18:52 CDT 2008
Don Wright wrote:
> Brad-- Based on your experience, would you recommend the multi-system
> ntp pools for most small users? For example, Debian now defaults to this
> in /etc/ntp.conf:
> server 0.debian.pool.ntp.org iburst dynamic
> server 1.debian.pool.ntp.org iburst dynamic
> server 2.debian.pool.ntp.org iburst dynamic
> server 3.debian.pool.ntp.org iburst dynamic
> This should eliminate the single host failure, but what are the
> drawbacks? Is there a certain network size that needs a local ntp server?
Well, I wrote the page at
<http://support.ntp.org/Support/SelectingOffsiteNTPServers>, and I tried to
encode as much of my knowledge on the subject on that page.
However, to summarize, assuming you've got good hardware all around, you've
configured your OSes correctly, etc... then the one remaining factor that
you worry about is latency. And statistical accuracy and precision goes
down as latency goes up.
So, if you can configure a set of local time servers robustly, with a
sufficient number of upstream time servers, etc... then the rest of your
clients are better off using those robust local time servers than trying to
track all the same sets of external time servers themselves.
See section 22.214.171.124 at
There are other recommendations on that page to help get you increased
robustness in your configuration, but proximity is key.
As for number of upstream servers to configure, I like to use at least five
or seven. Using only four will only protect you against one "false ticker"
(i.e., a machine upstream going insane), whereas five will protect you
against two false tickers.
Seven will protect you against three false tickers. Nine will protect you
against four, but for my part I think seven is a better compromise between
minimizing unnecessary traffic and protecting yourself in case upstream
machines go insane.
If you want to learn more about how to build a robust NTP server
infrastructure, I've got a whole article I just wrote which is going to be
published in the November issue of _;login:_ magazine.
I'd be glad to share a copy with you, but only if you promise not to share
it with anyone else, at least not without my express approval. I really
don't want to tick off the people at USENIX, especially my editor. I would
like to write more articles for them in the future, so I want to make sure I
annoy them by having this article get too widely distributed before November.
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the SATLUG