NIST NTP servers

Steven Miano mianosm at gmail.com
Tue May 10 10:48:52 UTC 2016


NTP has vulnerabilities, so using an external source opens your networks
and infrastructure to disruptions.

Going with an internal GPS/GLONASS/RADIO based S1 allows you to restrict
incoming traffic and not rely on volunteers or external entities (which may
undergo maintenance or budget issues).

My preference is more so something akin to the GLN180PEX (I am not
affiliated or paid to endorse this product). It allows you to use commodity
hardware (like a decommissioned 1U or several preferably) and creation of
ones own reliable internal time source(s). Introducing black boxes into a
production (revenue generation or expected services by paying customers)
environment is undesirable.

>From there setting up NTPd, Chronyd, and PTPd is up to you.

Relying on satellites may seem like just another external reliance, but the
next life is proposing a design life of 12 years.....

On Mon, May 9, 2016 at 11:12 PM, Majdi S. Abbas <msa at latt.net> wrote:

> On Tue, May 10, 2016 at 03:08:16AM +0000, Mel Beckman wrote:
> > NTP has vulnerabilities that make it generally unsuitable for
> > provider networks. I strongly recommend getting a GPS-based
> > time server. These are as cheap as $300. Here is one I use quite a bit:
>
>         So how does this stop from distributing time to their
> customers via NTP?
>
>         GPS doesn't save the protocol, in particular where the S1
> clocks involved are embedded devices with rather coarse clocks and
> timestamping.
>
>         --msa
>



-- 
Miano, Steven M.
http://stevenmiano.com



More information about the NANOG mailing list