Hi, I need to design a new NTP architecture for my company, medium-sized with about 2000 workstations and servers. We use Active Directory 2003 as the main directory for workstations, but we also have VMware, UNIX and Linux servers. I was wondering what architecture would suit us best. We have 2 lines of firewalls and DMZs before the internet, and a corporate switched LAN with a few core routers.

I was thinking of a distributed time topology with two peered NTP servers in the DMZ (on different sites if possible), with ISP external sources, delivering time to two peered Cisco core routers inside the LAN. These routers would be the master clocks for the internal network, composed of our Active Directory DCs (with all the workstations pointing to them), the internal network equipment, and the internal servers (including the VMware farm). The DMZ machines would point to the DMZ NTP servers.

What is your opinion? Is it a good idea to have the DCs sync to routers? If not, what should I choose as the main time server for my internal network (a PDC server, a router, a simple server?)

Thank you for your answers!

/David
