Re: [ntp:questions] Leap-second test with ntpd
On 2015-02-23 17:23, Ask Bjørn Hansen wrote: I am trying to setup an ntpd to use the local clock as the "reference source" and so I can set the time to late June and verify 1) what ntpd does and 2) what clients do. I had it working with the 4.2.4 that comes with FreeBSD 10.1 (and the local clock), but I wanted to use 4.2.8 since that's what is supported (and because of the better, I think, support for the leap second list file). With 4.2.4 then I could configure ntpd with this and it'd serve time to clients: server 127.127.1.1 minpoll 4 maxpoll 5 fudge 127.127.1.1 stratum 4 WIth 4.2.8 it never thinks it's in sync with that configuration. I've also tried with variations of tos orphan 3 orphanwait 2 and "tos orphan" plus the local clock. Finally then I've tried adding a bogus server (one that never responds) on a server line in case ntpd really wants to try reaching a real clock before it'll give up and trust the local clock, but I keep getting "127.0.0.1: Server dropped: Server has gone too long without sync" from ntpd. What am I missing? IIRC recent releases mark LCL unselectable if any other sources are configured: so remove other sources. Try adding server option true to force selection; maybe also set fudge time2 to drift rate? If all else fails try dev 4.3.0 and hack ;^> -- Take care. Thanks, Brian Inglis ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Leap-second test with ntpd
Ask Bj?rn Hansen writes: >> On Feb 23, 2015, at 4:37 PM, Harlan Stenn wrote: >> >> You might not need orphan mode at all - just the plain local refclock >> driver. >> >> You might also just need a "customized" leapseconds file. > > Yeah, that was my first test =E2=80=94 just: > > server 127.127.1.1 minpoll 4 maxpoll 5 > fudge 127.127.1.1 stratum 4 > leapfile "/etc/ntp/leap-seconds.list" > > The documentation[1] says that =E2=80=9Corphan mode=E2=80=9D is the = > replacement for the local clock, so that=E2=80=99s why I tried that too. = > (It also says that since 4.2.5p101 ntpd can run in =E2=80=9Cpure orphan = > mode=E2=80=9D, so that=E2=80=99s why I tried it that way, too). > > [1] http://support.ntp.org/bin/view/Support/OrphanMode OK, first, in general, most folks want Orphan Mode. There are *very few* cases where one wants a local refclock. This may or may not be one of them. I am *pretty sure* that it doesn't matter which one you use. The key element is probably that you have a leapfile on your box that says when you want the leap to happen, and you set the time on this box with no external servers. In this case, with either orphan mode or with a local refclock, the local machine should offer "sync'd" time at whatever stratum is selected. Please pick something so if somebody stumbles across this machine it won't be "believed". H ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Leap-second test with ntpd
Martin might have a good answer for you. I'd like to see these instructions written up. You might not need orphan mode at all - just the plain local refclock driver. You might also just need a "customized" leapseconds file. H Ask Bj?rn Hansen writes: > Hi everyone, > > I am trying to setup an ntpd to use the local clock as the "reference source" > and so I can set the time to late June and verify 1) what ntpd does and 2) w > hat clients do. > > I had it working with the 4.2.4 that comes with FreeBSD 10.1 (and the local c > lock), but I wanted to use 4.2.8 since that's what is supported (and because > of the better, I think, support for the leap second list file). > > With 4.2.4 then I could configure ntpd with this and it'd serve time to clien > ts: > > server 127.127.1.1 minpoll 4 maxpoll 5 > fudge 127.127.1.1 stratum 4 > > WIth 4.2.8 it never thinks it's in sync with that configuration. > > I've also tried with variations of > > tos orphan 3 orphanwait 2 > > and "tos orphan" plus the local clock. > > Finally then I've tried adding a bogus server (one that never responds) on a > server line in case ntpd really wants to try reaching a real clock before it' > ll give up and trust the local clock, but I keep getting "127.0.0.1: Server d > ropped: Server has gone too long without sync" from ntpd. > > What am I missing? > > Ask > > > faketime# ntpq -c pe -n > remote refid st t when poll reach delay offset jitte > r > = > = > 127.127.1.1 .LOCL. 4 l7 16 3770.0000.000 0.00 > 0 > 10.0.200.99 .INIT. 16 u- 3200.0000.000 0.00 > 0 > > faketime# ntpq -c rv > assID=0 status=4019 leap_add_sec, sync_unspec, 1 event, event_9, > version="ntpd 4.2.8p1@1.3265-o Wed Feb 11 14:52:45 UTC 2015 (1)", > processor="amd64", system="FreeBSD/10.1-STABLE", leap=01, stratum=3, > precision=-24, rootdelay=0.000, rootdisp=0.000, refid=127.0.0.1, > reftime=. Thu, Feb 7 2036 6:28:16.000, > clock=d93d2598.951cfd78 Tue, Jun 30 2015 14:26:32.582, peer=0, tc=3, > mintc=3, offset=0.000, frequency=0.000, sys_jitter=0.00, > clk_jitter=0.000, clk_wander=0.000, tai=35, leapsec=20150701, > expire=20151228 > > $ ntpdate -qvd -p 1 faketime.local > 23 Feb 16:21:58 ntpdate[94790]: ntpdate 4.2.6@1.2089-o Fri May 28 01:20:57 UT > C 2010 (1) > Looking for host faketime.local and service ntp > host found : 10.0.200.250 > transmit(10.0.200.250) > receive(10.0.200.250) > transmit(10.0.200.250) > 10.0.200.250: Server dropped: Server has gone too long without sync > server 10.0.200.250, port 123 > stratum 3, precision -24, leap 01, trust 000 > refid [10.0.200.250], delay 0.02599, dispersion 0.0 > transmitted 1, in filter 1 > reference time:. Sun, Dec 31 1899 16:00:00.000 > originate timestamp: d93d25b5.9dba6981 Tue, Jun 30 2015 7:27:01.616 > transmit timestamp: d89642a9.e6ba0620 Mon, Feb 23 2015 16:22:01.901 > filter delay: 0.02599 0.0 0.0 0.0 > 0.0 0.0 0.0 0.0 > filter offset: 10937099 0.00 0.00 0.00 > 0.00 0.00 0.00 0.00 > delay 0.02599, dispersion 0.0 > offset 10937099.714600 > > 23 Feb 16:22:01 ntpdate[94790]: no server suitable for synchronization found > > ___ > questions mailing list > questions@lists.ntp.org > http://lists.ntp.org/listinfo/questions > ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
[ntp:questions] Leap-second test with ntpd
Hi everyone, I am trying to setup an ntpd to use the local clock as the "reference source" and so I can set the time to late June and verify 1) what ntpd does and 2) what clients do. I had it working with the 4.2.4 that comes with FreeBSD 10.1 (and the local clock), but I wanted to use 4.2.8 since that's what is supported (and because of the better, I think, support for the leap second list file). With 4.2.4 then I could configure ntpd with this and it'd serve time to clients: server 127.127.1.1 minpoll 4 maxpoll 5 fudge 127.127.1.1 stratum 4 WIth 4.2.8 it never thinks it's in sync with that configuration. I've also tried with variations of tos orphan 3 orphanwait 2 and "tos orphan" plus the local clock. Finally then I've tried adding a bogus server (one that never responds) on a server line in case ntpd really wants to try reaching a real clock before it'll give up and trust the local clock, but I keep getting "127.0.0.1: Server dropped: Server has gone too long without sync" from ntpd. What am I missing? Ask faketime# ntpq -c pe -n remote refid st t when poll reach delay offset jitter == 127.127.1.1 .LOCL. 4 l7 16 3770.0000.000 0.000 10.0.200.99 .INIT. 16 u- 3200.0000.000 0.000 faketime# ntpq -c rv assID=0 status=4019 leap_add_sec, sync_unspec, 1 event, event_9, version="ntpd 4.2.8p1@1.3265-o Wed Feb 11 14:52:45 UTC 2015 (1)", processor="amd64", system="FreeBSD/10.1-STABLE", leap=01, stratum=3, precision=-24, rootdelay=0.000, rootdisp=0.000, refid=127.0.0.1, reftime=. Thu, Feb 7 2036 6:28:16.000, clock=d93d2598.951cfd78 Tue, Jun 30 2015 14:26:32.582, peer=0, tc=3, mintc=3, offset=0.000, frequency=0.000, sys_jitter=0.00, clk_jitter=0.000, clk_wander=0.000, tai=35, leapsec=20150701, expire=20151228 $ ntpdate -qvd -p 1 faketime.local 23 Feb 16:21:58 ntpdate[94790]: ntpdate 4.2.6@1.2089-o Fri May 28 01:20:57 UTC 2010 (1) Looking for host faketime.local and service ntp host found : 10.0.200.250 transmit(10.0.200.250) receive(10.0.200.250) transmit(10.0.200.250) 10.0.200.250: Server dropped: Server has gone too long without sync server 10.0.200.250, port 123 stratum 3, precision -24, leap 01, trust 000 refid [10.0.200.250], delay 0.02599, dispersion 0.0 transmitted 1, in filter 1 reference time:. Sun, Dec 31 1899 16:00:00.000 originate timestamp: d93d25b5.9dba6981 Tue, Jun 30 2015 7:27:01.616 transmit timestamp: d89642a9.e6ba0620 Mon, Feb 23 2015 16:22:01.901 filter delay: 0.02599 0.0 0.0 0.0 0.0 0.0 0.0 0.0 filter offset: 10937099 0.00 0.00 0.00 0.00 0.00 0.00 0.00 delay 0.02599, dispersion 0.0 offset 10937099.714600 23 Feb 16:22:01 ntpdate[94790]: no server suitable for synchronization found ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] chrony as a server
On 2015-02-23, Harlan Stenn wrote: > William Unruh writes: >> On 2015-02-23, Harlan Stenn wrote: >> > Miroslav Lichvar writes: >> >> On Sat, Feb 21, 2015 at 07:02:28PM +, David Taylor wrote: >> >> > On 21/02/2015 17:52, William Unruh wrote: >> >> > [] >> >> > >It will do that too. The crucial item there is "the only method of time >> >> > >correction is manual entry" which is different from ntpd and orphan >> >> > >mode. I have no idea why this conversation is continuing. The two are >> >> > >different. The two methods are trying to solve the same problem >> >> > >(timekeeping of isolated systems) but doing so in a different manner. I >> f >> >> > >you like one better than the other, that is fine. But they are not the >> >> > >same. >> >> > >> >> > Bill, please enlighten me why I cannot, using NTP's orphan mode, set the >> >> > time on one PC manually and have another PC sync to it? >> >> >> >> Well, you can, but it's not as easy. You need to find the orphan >> >> parent first (i.e. the system with the smallest refid), somehow >> >> figure out its phase and frequency error to the real time, and correct >> >> them behind ntpd's back (possibly with the date and ntptime -f >> >> commands). >> >> >> >> With chrony you just run "chronyc -a settime xx:xx:xx" once in a while >> >> on the server and it will do the rest for you. >> > >> > I'm not buying it. >> > >> > It's trivially easy to set up a proper orphan mesh. >> > >> > A proper network configuration will have multiple time servers on it, >> > because sometimes things break. If you want to set up something where a >> > flock of machines follow a single server, that's your choice and there >> > are consequences to that choice when things break. >> > >> > If you implement the recommended setup then the old local refclock >> > scheme will usually pretty much just work, and an an orphan scheme will >> > just work. >> >> Of course it will "work" but the clocks will go wandering off, with no >> way of hauling them back into time. > > Bullshit. As soon as a proper time source is found the servers will use > it. ??? That is true in both cases. The assumption was that you have a clock which has no connectivity for months. Ie, no proper time source will be found. The question is about disciplining the clock in that case. If time sources are available, then yes, please use them. > >> Lets start with a single machine >> with a drift rate of 30PPM. By the end of the month it will be a minute >> out. So if that is working, then it works. As Lichvar says with chrony >> you periodically read your watch, or listen to radio, and set the time >> and chrony figures out that you have a drift rate of about 30PPM and >> corrects. Now you may not value that possibility, which is perfectly all >> right, but some people might. > > So you are assuming that an orphan mesh kicks in at a time when there is > an uncorrected drift of 30ppm, and this is at a site where time synch is > important and they're OK with no proper time source for a month? Sure. The computer starts up with no time sources availble. The drift could well be 30PPm. > > What would happen if chrony happened to lose its time source while there > was an uncorrected drift of 30ppm? Anything different? Yes, you would feed it time manually, and it would use that as its time source. That is what we are discussing. > > With ntpd and chrony it's possible to adjust the frequency in this case. It is possible sure. It is just that chrony does it differently. The question that was raised was whether or not chrony's handling of a time island is identical with ntpd's. It is not. Now you may not care, or may not believe anone could be interested in the difference. But they are different. > > It's posts like these from you that cause me to wonder if you are just a > troll. It's why I tend to not respond to you, but sometimes I do > respond to at least some of your more egregious posts. ??? Clearly you have not been following the discussion. The claim was that chrony's ability to use manual time input as a time source was identical with ntpd's orphan or local clock modes. All I have said is that it is not. No idea why you call that trolling. > > H ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] NTP with 2 servers
On 2015-02-23, Brian Inglis wrote: > On 2015-02-23 10:58, William Unruh wrote: >> On 2015-02-23, Nuno Pereira wrote: > On 2015-02-20, Nuno Pereira wrote: >>> By the answers that I've received meanwhile, we need 2 more. > >> You need one more, at a minimum. Ie, with three sources one can alway >> have two outvote the one. four sources are often recommended so that >> even if one dies, or is taken offline you still have three left. Of >> course that reasoning could be extended to say that you need 10 >> sources, just in case 7 went offline. >> But with 2, the system is left to hop between them if they diverge. If >> one goes offline of course there is no problem since one always wins in >> a vote with itself the only voter. > > This is why to need to roll patching across your internal time servers > - so that no more than one is offline at one time - and your normal > clients do not lose all their sources at once. Two sources will do that for you as well. There are two failure modes. One is that a time source goes down. The other is that a time source goes crazy (eg does not impliment leap seconds). Two will protect you against the first, three against the second. Four will protect against both happening at once, etc. For rolling adjustments, three would be fine, as long as you check that all three are behaving properly ( are not false tickers) when you take one of them out briefly. > > Your restricted internal clients' time will start to drift away from UTC > as soon as NTP on their single source goes down for patching. > > If you can get multiple internal sources running with different, independent > external or pool sources, you can peer them in an NTP subnet, and set up a DNS > round robin list name e.g. ntp_pool, to return all internal sources, and > change all > yourinternal clients to use pool instead of server e.g pool ntp_pool iburst > preempt. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] chrony as a server
On 2015-02-23, Paul wrote: > On Mon, Feb 23, 2015 at 12:53 PM, William Unruh wrote: > >> As Lichvar says with chrony >> you periodically read your watch, or listen to radio, and set the time >> and chrony figures out that you have a drift rate of about 30PPM and >> corrects. Now you may not value that possibility, which is perfectly all >> right, but some people might. >> > > Seems like someone should do some unbiased research and determine just how > long it takes to find clock drift, say to 2 ppm, using chrony with manual > corrections. Finding a nice (efficient) method would be useful too. manual corrections are probably good to 1 sec. to get 1 sec at 2ppm is about 5 days per measurement or 10 days altogether. > > With NTPd I might set the clock, wait a month check the time and create a > drift file. Yes, But as Lichvar said, having the program do the work for you is easier. You could also measure offsets by hand and use adjtimex to adjust the clock yourself and not use either chrony or ntpd. > > Sometimes you have to examine a use case and conclude that it's poor return > on investment. I think trying to discpline an uncharaterized oscillator > with a wristwatch is certainly marginal. Up to you. The option is there for chrony. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] chrony as a server
On Mon, Feb 23, 2015 at 12:53 PM, William Unruh wrote: > As Lichvar says with chrony > you periodically read your watch, or listen to radio, and set the time > and chrony figures out that you have a drift rate of about 30PPM and > corrects. Now you may not value that possibility, which is perfectly all > right, but some people might. > Seems like someone should do some unbiased research and determine just how long it takes to find clock drift, say to 2 ppm, using chrony with manual corrections. Finding a nice (efficient) method would be useful too. With NTPd I might set the clock, wait a month check the time and create a drift file. Sometimes you have to examine a use case and conclude that it's poor return on investment. I think trying to discpline an uncharaterized oscillator with a wristwatch is certainly marginal. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] chrony as a server
On 2015-02-23, Harlan Stenn wrote: > Miroslav Lichvar writes: >> On Sat, Feb 21, 2015 at 07:02:28PM +, David Taylor wrote: >> > On 21/02/2015 17:52, William Unruh wrote: >> > [] >> > >It will do that too. The crucial item there is "the only method of time >> > >correction is manual entry" which is different from ntpd and orphan >> > >mode. I have no idea why this conversation is continuing. The two are >> > >different. The two methods are trying to solve the same problem >> > >(timekeeping of isolated systems) but doing so in a different manner. If >> > >you like one better than the other, that is fine. But they are not the >> > >same. >> > >> > Bill, please enlighten me why I cannot, using NTP's orphan mode, set the >> > time on one PC manually and have another PC sync to it? >> >> Well, you can, but it's not as easy. You need to find the orphan >> parent first (i.e. the system with the smallest refid), somehow >> figure out its phase and frequency error to the real time, and correct >> them behind ntpd's back (possibly with the date and ntptime -f >> commands). >> >> With chrony you just run "chronyc -a settime xx:xx:xx" once in a while >> on the server and it will do the rest for you. > > I'm not buying it. > > It's trivially easy to set up a proper orphan mesh. > > A proper network configuration will have multiple time servers on it, > because sometimes things break. If you want to set up something where a > flock of machines follow a single server, that's your choice and there > are consequences to that choice when things break. > > If you implement the recommended setup then the old local refclock > scheme will usually pretty much just work, and an an orphan scheme will > just work. Of course it will "work" but the clocks will go wandering off, with no way of hauling them back into time. Lets start with a single machine with a drift rate of 30PPM. By the end of the month it will be a minute out. So if that is working, then it works. As Lichvar says with chrony you periodically read your watch, or listen to radio, and set the time and chrony figures out that you have a drift rate of about 30PPM and corrects. Now you may not value that possibility, which is perfectly all right, but some people might. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool server gone wild
On Sun, 22 Feb 2015 10:32:09 +0100, Terje Mathisen wrote: >The design is to always compare all servers against the rest (i.e. >median value), dropping the outlier, then repeat until there is a quorum >remaining. > >Pruning should only happen if there are a too many servers, and only if >you can replace them with new DNS results. So ntpd was operating properly and I was mistaken. Thank you. -- Roger ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] NTP with 2 servers
> -Mensagem original- > De Nuno Pereira Em nome de Brian Inglis > Enviada: sábado, 21 de Fevereiro de 2015 01:43 > Para: questions@lists.ntp.org > Assunto: Re: [ntp:questions] NTP with 2 servers > > On 2015-02-20 16:58, William Unruh wrote: > > On 2015-02-20, Nuno Pereira wrote: > >> In our infrastructure we had some ntp clients that don't have access to the > >> world and so they are configured to use only 2 servers (by the way, the > other > >> have 2 more options). In reality both servers are the same, but with > different > >> IPs. > > So you only have one server. Why have two that are the same? > >> From time to time some clients configured in this way lose their reference > for > >> some short period. > >> I know how NTP works > >> (http://www.ntp.org/ntpfaq/NTP-s-algo-real.htm#Q-NTP-ALGO), and so > this seems > >> to be caused by both 2 servers or just 1 of them not have survived. > >> But both the clients and the servers are physically in the same place, and > >> even if they aren't in the same IP network, they are in the same LAN with > just > >> a switch or two between them (delay is between 1 and 2 ms). > > What is the switch? Smoke signals? Any switch should be a lot lot faster > > than 1ms. > >> And the question is why this does happen in the local network? > >> Aren't they close enough in order to avoid a split? > >> Given that, I have changed the configuration, and now they only use 1 > server, > >> but that is not a good solution. > > But that is what you have! > >> Any alternative for the configuration? More servers, most likely virtual > >> servers? > > I dislike the term servers here and prefer sources, as what you need are > 3-5 independent sources of time. You can get that by setting up NTP on > some other Internet facing physical servers (Windows, Linux, BSD) whose > CPUs and network I/O are not overloaded, using pool and/or separate, > local, independent sources, and have all your internal clients configured > to sync from all of those internal sources. > Take care. Thanks, Brian Inglis Thank you for your interesting answer. The clients where I have configured just 2 sources (1, in reality) aren't facing the internet, and so can only use local servers. That can be changed, but we would prefer to use local servers. Getting those " some other Internet facing physical servers (Windows, Linux, BSD) whose CPUs and network I/O are not overloaded" is our problem: we just don't seem to find them: either our servers aren't, as you say, facing the internet, or aren't with the CPUs or network I/O overloaded (actually I/O in general, not network I/O), or may not be. > You will have to roll patchings across your internal time sources with > delays to ensure that no more than one source is out of sync at any time. What do you mean by that? Nuno Pereira G9Telecom ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] NTP with 2 servers
> -Mensagem original- > De: Nuno Pereira Em > nome de William Unruh > Enviada: sexta-feira, 20 de Fevereiro de 2015 23:59 > Para: questions@lists.ntp.org > Assunto: Re: [ntp:questions] NTP with 2 servers > > On 2015-02-20, Nuno Pereira wrote: > > > > > > > > In our infrastructure we had some ntp clients that don't have access to the > > world and so they are configured to use only 2 servers (by the way, the other > > have 2 more options). In reality both servers are the same, but with different > > IPs. > > So you only have one server. Why have two that are the same? Short answer: for historical reasons. Long answer: we considered that we needed one more server in our infrastructure (remember that most of our network has 2 more sources, external), and so we designated an IP for that. We didn't had a good alternative as a server to be that second ntp server, and so we added that IP to the current ntp server and configured it in our clients. Months had passed since then, and we still didn't designate that second server. By the answers that I've received meanwhile, we need 2 more. > > From time to time some clients configured in this way lose their reference for > > some short period. > > > > > > > > I know how NTP works > > (http://www.ntp.org/ntpfaq/NTP-s-algo-real.htm#Q-NTP-ALGO), and so this > seems > > to be caused by both 2 servers or just 1 of them not have survived. > > > > But both the clients and the servers are physically in the same place, and > > even if they aren't in the same IP network, they are in the same LAN with just > > a switch or two between them (delay is between 1 and 2 ms). > > What is the switch? Smoke signals? Any switch should be a lot lot faster > than 1ms. I realized that, at least the server from where I took that value i salso behind a firewall. And a router to be in the middle isn't discardable. Is 0.2-0.3 a good value? That's what we have in some cases. > > And the question is why this does happen in the local network? > > > > Aren't they close enough in order to avoid a split? > > > > > > Given that, I have changed the configuration, and now they only use 1 server, > > but that is not a good solution. > > But that is what you have! That's true, and that's why I've sent this question. Nuno Pereira G9Telecom ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] NTP with 2 servers
> De: Charles Swiger [mailto:cswi...@mac.com] > Enviada: sexta-feira, 20 de Fevereiro de 2015 20:52 > >>In our infrastructure we had some ntp clients that don't have access to the >>world and so they are configured to use only 2 servers (by the way, the other >>have 2 more options). In reality both servers are the same, but with different >>IPs. >I think ntpd would see the same reference id for that timesource regardless >of which IP you reach it by, and loop detection would figure it out. In all the clients, both timesources are available, not discarded and are being used. And in some cases they also intercalate between them. Ntpd might not detect it properly, or simply not consider it a loop? >>On Feb 20, 2015, at 12:17 PM, Nuno Pereira wrote: >>Given that, I have changed the configuration, and now they only use 1 server, >>but that is not a good solution. >> >>Using 1 server is better than using 2. >>Using at least 4 servers is better than using 1. >> >> >>Any alternative for the configuration? More servers, most likely virtual servers? > >VMs make anywhere from terrible to adequate timeservers. >Bare metal or at the hypervisor level is preferable. > >Setup a local NTP subnet of at least 4 peers, and have your clients talk to each of those. >Your chosen ntp servers should each be configured with at least one unique timesource >which is not used by anything else to promote diversity. Well, that is our problem: we don't have enough hardware that we consider a good source, either for security issues, or too many load on it. The hypervisors are becoming more an option, but they have 2 problems: they need to be reconfigured if reinstalled, and also for security issues. Nuno Pereira G9Telecom ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] chrony as a server
Miroslav Lichvar writes: > On Sat, Feb 21, 2015 at 07:02:28PM +, David Taylor wrote: > > On 21/02/2015 17:52, William Unruh wrote: > > [] > > >It will do that too. The crucial item there is "the only method of time > > >correction is manual entry" which is different from ntpd and orphan > > >mode. I have no idea why this conversation is continuing. The two are > > >different. The two methods are trying to solve the same problem > > >(timekeeping of isolated systems) but doing so in a different manner. If > > >you like one better than the other, that is fine. But they are not the > > >same. > > > > Bill, please enlighten me why I cannot, using NTP's orphan mode, set the > > time on one PC manually and have another PC sync to it? > > Well, you can, but it's not as easy. You need to find the orphan > parent first (i.e. the system with the smallest refid), somehow > figure out its phase and frequency error to the real time, and correct > them behind ntpd's back (possibly with the date and ntptime -f > commands). > > With chrony you just run "chronyc -a settime xx:xx:xx" once in a while > on the server and it will do the rest for you. I'm not buying it. It's trivially easy to set up a proper orphan mesh. A proper network configuration will have multiple time servers on it, because sometimes things break. If you want to set up something where a flock of machines follow a single server, that's your choice and there are consequences to that choice when things break. If you implement the recommended setup then the old local refclock scheme will usually pretty much just work, and an an orphan scheme will just work. -- Harlan Stenn http://networktimefoundation.org - be a member! ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] chrony as a server
On Sat, Feb 21, 2015 at 07:02:28PM +, David Taylor wrote: > On 21/02/2015 17:52, William Unruh wrote: > [] > >It will do that too. The crucial item there is "the only method of time > >correction is manual entry" which is different from ntpd and orphan > >mode. I have no idea why this conversation is continuing. The two are > >different. The two methods are trying to solve the same problem > >(timekeeping of isolated systems) but doing so in a different manner. If > >you like one better than the other, that is fine. But they are not the > >same. > > Bill, please enlighten me why I cannot, using NTP's orphan mode, set the > time on one PC manually and have another PC sync to it? Well, you can, but it's not as easy. You need to find the orphan parent first (i.e. the system with the smallest refid), somehow figure out its phase and frequency error to the real time, and correct them behind ntpd's back (possibly with the date and ntptime -f commands). With chrony you just run "chronyc -a settime xx:xx:xx" once in a while on the server and it will do the rest for you. -- Miroslav Lichvar ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions