What do you think for my architecture about this configuration in my ntp.conf for all 3 servers:
server 127.127.1.0 fudge 127.127.1.0 restrict 127.127.1.0 mask 255.255.255.255 NTP technicians people says: Never put those lines in any ntp config outside of some test environment in a lab. (unfortunately many manufacturers put those lines in example configs) on 21/05/2013 14:31, Riccardo Castellani wrote: > n.4 srv Internet--> server A > > server A --> server B > server > A --> server C > > A is my internal source > B,C are cluster machine so hardware > is reliable but I don't want to present these servers directly on pubblic network >>My comments: >>1) two servers is maybe the worst situation; use one, or three, or four if f possible, but not two. >> See http://www.ntp.org/ntpfaq/NTP-s-algo-real.htm#Q-NTP-ALGO I'll create 3rd server as D, server A -> D >> 2) both servers pointing to A: A is a single point of failure. If A dies, B and C will both be left to their own devices. >> I had a similar problem -- I needed to feed clients in a private network that were not NAT'ed to the public network, and did as follows. True ! You are right but I'm not interesting if for a day, server A failures and clients will be left to their devices. >> I have four servers on the public network, Pu1.. Pu4; each of those server uses four different public sources, >> and no public source is shared between two different servers (so they are 16 in total). >> I have four servers on the private network, Pr1..Pr4. Each one of them uses Pu1.. Pu4 as sources, >> but PrX marks PuX as preferred. This way, in >> normal conditions they all follow a separate source (in a sense, PrX is a "repeater" of PuX in the private network). >> If a public servers fails, say Pu1, then Pr1 will follow the one among Pu2..Pu4 it thinks it's the best. >> The service on both public and private will be a bit degraded, but the resulting configuration will still be good enough to give us time to fix problems safely. Good solution ! Did you use for your 4 servers on the public network and for your 4 server on the private network the following lines: server 127.127.1.0 fudge 127.127.1.0 restrict 127.127.1.0 mask 255.255.255.255 >> HTH >> Ciao >> -- bronto _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
