[email protected] wrote: > It seems to me that if "prefer" was used, even a > "freewheeling" ntpd that's lost all upstream reachability > will still serve the time. > Ouch, I didn't know "prefer" would do this...
<http://www.eecis.udel.edu/~mills/ntp/html/prefer.html> The prefer Peer "In the prefer scheme the clustering algorithm is modified so that the prefer peer is never discarded" "Ordinarily, the combining algorithm computes a weighted average of the survivor offsets to produce the final synchronization source. However, if a prefer peer is among the survivors, the combining algorithm is not used. Instead, the offset of the prefer peer is used exclusively as the final synchronization source." Mitigation Rules "As the selection algorithm scans the associations for selectable candidates, the modem driver and local driver are segregated for later, but only if not designated a prefer peer. If so designated, a driver is included among the candidate population." ... "If the prefer peer is among the survivors, it becomes the system peer and its clock offset and jitter are inherited by the corresponding system variables. Otherwise, the combining algorithm computes these variables from the survivor population." The minsane Option "The minsane option specifies the minimum number of survivors required to synchronized the system clock." <http://www.eecis.udel.edu/~mills/ntp/html/miscopt.html> minsane "minsane Specify the number of servers used by the selection algorithm as the minimum to set the system clock. The default is 1 for legacy purposes; however, for critical --------------------- applications the value should be somewhat higher but less --------------------------------------------------------- than minclock." ------------- That seems to cover it? FWIW, I'm currently using tos minclock 6 minsane 4 cohort 1 <http://unix.derkeiler.com/Newsgroups/comp.unix.solaris/2003-09/2490.html> "The minclock threshold is used by the clustering algorithm as it casts off outlyer servers until the total remaining is not more than this value. At the moment, minclock defaults to three mostly for historic reasons. From Byzantine agreement principles, it really should be four. The interesting threshold is minsane, which is the minimum number of survivors necessary to declare the client synchronized. It defaults to one in the interest of fast synchronization, but really should be something higher like four, assuming that number of servers can always be found." <http://support.ntp.org/bin/view/Support/StartingNTP4> "To increase your ability to detect and eliminate falsetickers (especially during startup), you should use the following configuration command in your /etc/ntp.conf file: tos minclock 4 minsane 4" <http://lopsa.org/node/1480> Towards a resilient NTP configuration in NTP4 -- E-Mail Sent to this address <[email protected]> will be added to the BlackLists. _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
