On 7/20/2012 6:23 PM, E-Mail Sent to this address will be added to the BlackLists wrote:
> Brian Utterback wrote:
>> BlackLists wrote:
>>> server 0.pool.ntp.org
>>> server 1.pool.ntp.org
>>> server 2.pool.ntp.org
>>> server 3.pool.ntp.org
>>> More recent versions of ntp might replace all four
>>> of those lines with one line in the conf file, e.g.:
>>> pool pool.ntp.org
>> Not generally. For some reason each lookup of any of these
>> always returns 3 addresses. Since we still recommend four
>> servers (even if there is some dispute over the reasons),
>> using just pool.ntp.org won't work.
>> Even if you do multiple lookups, if there is anything that
>> does any caching in between you and the DNS server that
>> sets the addresses, you will get the same three.
>> I don't know why there are only three addresses.
>> The simplest solution would be for the round robin DNS
>> servers to give out more addresses, then you could just
>> have the single line.
> I think you would have to have DNS servers that are breaking
> several STD/RFC/Best Common Practices to really see that.
> I see that to be not true.
> When using the pool command (instead of server),
> ntp will keep pulling more IPs up to max clock (10 default),
> and then continue to pull more IPs
> whenever it finds a reason to discard a peer,
> and the quantity of peers drops below max clock.
> I find that after running a long time,
> you end up with a nice clique of servers,
> with the far away ones in other countries getting discarded.
> 10 queries gets 18 unique IPs
> 50 queries gets 33 unique IPs
> 100 queries gets 51 unique IPs
> dns\bin>dig pool.ntp.org
> ; <<>> DiG 9.9.1-P1 <<>> pool.ntp.org
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24882
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;pool.ntp.org. IN A
> ;; ANSWER SECTION:
> pool.ntp.org. 70 IN A 108.59.14.130
> pool.ntp.org. 70 IN A 64.73.32.134
> pool.ntp.org. 70 IN A 67.18.187.111
> ;; Query time: 15 msec
> ;; SERVER: 206.13.29.12#53(206.13.29.12)
> ;; WHEN: Fri Jul 20 14:29:25 2012
> ;; MSG SIZE rcvd: 89
> dns\bin>dig +short pool.ntp.org
> 184.105.192.247
> 67.18.187.111
> 69.164.217.193
As you can see from your own queries, the address pool.ntp.org returns
three addresses and a timeout of 70 seconds. That means that a subsequent
lookup of that same hostname can reasonably be expected to return the
same three addresses for up to 70 seconds, if the server that is being
queried is a caching server. Does the logic that does this lookup
repeat the lookup more than 70 seconds later to get new addresses?
Furthermore, this is assuming that the naming service is DNS at the
front end, and that may not be the case. NIS, NIS+, LDAP or others might
be the front end naming service and could have different, longer term
caching strategies and the same three addresses could be returned for
even longer than 70 seconds.
I just tried looking up pool.ntp.org on my Windows Vista system and got
the same IP addresses for 5 minutes before I got bored.
Brian Utterback
_______________________________________________
questions mailing list
[email protected]
http://lists.ntp.org/listinfo/questions
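
A small model of the caching question raised in this thread, added here as an illustration; it is not code from either poster or from ntpd. The three-address answer and the 70-second TTL come from the dig output quoted above; the pool size, the 10.0.x.y addresses and all class and function names are constructed assumptions.

```python
import random

ANSWER_SIZE = 3   # from the thread: every answer carries three A records
TTL = 70          # seconds, from the dig output in the thread
POOL_SIZE = 3000  # assumption: number of hosts behind the simulated name

class RoundRobinServer:
    """Authoritative side: hands out a random ANSWER_SIZE subset per query."""
    def __init__(self, rng):
        self.rng = rng
        # Constructed addresses, not real pool members.
        self.hosts = [f"10.0.{i // 256}.{i % 256}" for i in range(POOL_SIZE)]

    def query(self):
        return self.rng.sample(self.hosts, ANSWER_SIZE)

class CachingResolver:
    """Anything between client and server that honours the record TTL."""
    def __init__(self, upstream, ttl=TTL):
        self.upstream, self.ttl = upstream, ttl
        self.answer, self.expires = None, 0

    def lookup(self, now):
        # Only go upstream when nothing is cached or the TTL has run out.
        if self.answer is None or now >= self.expires:
            self.answer = self.upstream.query()
            self.expires = now + self.ttl
        return self.answer

def unique_addresses(lookups, interval, seed=1):
    """Distinct addresses seen from `lookups` queries `interval` seconds apart."""
    resolver = CachingResolver(RoundRobinServer(random.Random(seed)))
    seen = set()
    for n in range(lookups):
        seen.update(resolver.lookup(n * interval))
    return len(seen)

if __name__ == "__main__":
    for interval in (5, 35, 71):
        print(f"10 lookups every {interval:>2}s -> "
              f"{unique_addresses(10, interval)} unique addresses")
```

In this model, lookups spaced closer than the TTL never see more than the cached three addresses, while lookups spaced past the TTL pick up a fresh set each time.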