Tim Shoppa wrote: > Obviously dealing with servers gone bad is not the same thing, but > most servers are up for months or years at a time, right? Don't try > to make it sound like they're things that pop up and go away over a > few hours in common use! > It is clear that ntpd was designed on the assumption that an NTP server is a solidly available resource that does not go away for no reason. The designer favoured the idea of associating with a fixed set of servers (which means that knowledge about their stability can be learned) over an algorithm where it tries to reach new servers when there is a problem, not knowing the offset and stability of those new servers and thus risking time leaps or funny walks.
On the other hand, the pool.ntp.org system was set up for servers to automatically join and leave, and we have read on this list that people enthousiastically joined the pool, found out about the traffic bursts, and then decided to leave again. An ntpd instance that was restarted in the interval where such a server was available can easily be left without reference when that server decides to leave, and it will do nothing about it until it is restarted again. Which may be, un an unwatched system, after several months. As discussed before, it might be nice if there was a config option that tells ntpd to re-do a DNS lookup when a server that is configured with a domain name remains unreachable for a long time. Even a traditional NTP server might have had its address changed due to network-technical reasons. Rob _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
