Alex Karasulu wrote:
Hi all,
The first thread on replication after Emmanuel's comments started taking
a turn towards the question of time synchronization across replicating
servers. Time synchronization is very nice to have and forget about
while writing the code around replication. And yes we do not have
control over it since administrators can fudge this up.
Another alternative would be to have all the servers in the cluster
communicate with one another on occasion to share their current time to
establish offsets. These offsets (differences in time) between servers
in replication agreements can be used to correct for any time variance
we might encounter. Furthermore if the time is adjusted on the hosts,
the cluster can adjust to time changes.
WDYT?
Doing this accurately requires the same amount of work as NTP, to factor in
network roundtrip delays etc.
In one of my prior jobs I took this route for a Kerberos client implementation
on Windows. (Which, if you're curious, is used by Eudora...) Since Kerberos
would refuse to authenticate a client if its clock was more than 5 minutes
different from the server, we simply recorded the clock offset of each KDC in
the client. But - wtf - we had to use SNTP to maintain the offsets anyway...
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
