Home page logo

nanog logo nanog mailing list archives

Re: Need trusted NTP Sources
From: Jay Ashworth <jra () baylink com>
Date: Sun, 9 Feb 2014 15:45:19 -0500 (EST)

----- Original Message -----
From: "Saku Ytti" <saku () ytti fi>

That's only true if the two devices have common failure modes,
though, is it not?

No, we can assume arbitrary fault which causes NTP to output bad time. With
two NTP servers it's more likely that any one of them will start doing
that than with one alone. And if any of the two start doing it, you don't
know which one.

Hey, waitaminnit!  I saw you palm that card.  :-)

If I'm locked to 2 coherent upstreams and one goes insane, I'm going to
know which one it is, because the other one will still match what I already
have running, no?

Or do I understand NTP less well than I think?

-- jra
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]