nanog mailing list archives

Re: Need trusted NTP Sources
From: Jimmy Hess <mysidia () gmail com>
Date: Sun, 9 Feb 2014 15:00:29 -0600

On Sun, Feb 9, 2014 at 2:45 PM, Jay Ashworth <jra () baylink com> wrote:

> If I'm locked to 2 coherent upstreams and one goes insane, I'm going to
> know which one it is, because the other one will still match what I already
> have running, no?

The question should be how assured is the reliability of the clocks of the
2 upstream servers. I think I am pretty happy with the concept of
having two local centralized NTP servers, used by various servers in an
environment (some SNTP, some NTP), each of the local centralized NTP
servers using 5 external time sources.

These external time sources need to be periodically checked, to ensure the
central NTP servers continue to synchronize with them, and that they
continue to be accurate.

So the pair of NTP servers is not redundant in the sense that the time is
allowed to be wrong, but they are resilient in the sense of being
configured so their own clock should always be correct, unless there
is a once in 100 years failure scenario.

Each of the local servers then has two NTP peers as time source, and the
local clock discipline, except for virtual machines, which should use
just the two NTP servers.

A local pair of NTP servers is not "redundant" in the sense of being able
to survive a catastrophic software bug in NTP; the local time sources
should be redundant to survive the more frequent condition of
temporary total failure of a local NTP server.

> Or do I understand NTP less well than I think?
>
> -- jra
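
The periodic check of external time sources that the message above calls for could be scripted as follows. This is an added example, not part of the original post: it audits `ntpq -pn` peer output from a central server, and the sample output, the RFC 5737 addresses and the 50 ms threshold are all constructed assumptions.

```python
# Added example, not from the original post. SAMPLE is constructed `ntpq -pn`
# output using RFC 5737 documentation addresses; MAX_OFFSET_MS is an assumed
# site threshold, not a value from the thread.
MAX_OFFSET_MS = 50.0
SELECTED = "*+#o"  # ntpq tally codes for sources that survived selection

SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.0.2.10      .GPS.            1 u   33   64  377   11.204    0.112   0.045
+192.0.2.11      .PPS.            1 u   12   64  377   24.870   -0.430   0.101
+198.51.100.7    192.0.2.50       2 u   40   64  377   30.115    0.905   0.230
x198.51.100.8    203.0.113.9      2 u   18   64  377   18.660 4210.337   1.912
 203.0.113.20    .INIT.          16 u    -   64    0    0.000    0.000   0.000
"""

def parse_billboard(text):
    peers = []
    for line in text.splitlines():
        fields = line[1:].split()  # column 0 holds the tally code
        if len(fields) != 10 or fields[0] == "remote":
            continue  # header, separator or blank line
        peers.append({"tally": line[0], "remote": fields[0],
                      "stratum": int(fields[2]),
                      "reach": int(fields[6], 8),  # poll shift register, octal
                      "offset_ms": float(fields[8])})
    return peers

def audit(peers, max_offset_ms=MAX_OFFSET_MS):
    report = {}  # remote -> list of problems; an empty list means healthy
    for p in peers:
        problems = []
        if p["reach"] == 0:
            problems.append("unreachable")
        if p["stratum"] >= 16:
            problems.append("unsynchronized")
        if p["tally"] == "x":
            problems.append("falseticker")
        if p["reach"] and abs(p["offset_ms"]) > max_offset_ms:
            problems.append("offset out of bounds")
        report[p["remote"]] = problems
    return report

def usable_sources(peers, max_offset_ms=MAX_OFFSET_MS):
    report = audit(peers, max_offset_ms)
    return [p["remote"] for p in peers if p["tally"] in SELECTED and not report[p["remote"]]]

if __name__ == "__main__":
    for remote, problems in audit(parse_billboard(SAMPLE)).items():
        print(remote, ", ".join(problems) or "OK")
```

With the five constructed sources, three remain usable after one is marked a falseticker and one is unreachable, so the surviving sources can still outvote the bad clock.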

