Need trusted NTP Sources

Frank Bulk frnkblk at iname.com
Fri Feb 7 02:57:21 UTC 2014


This doesn't address the full-mesh part, but this discussion suggests at
least four servers, but better to have five.
http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers#Section_5
.3.3.

Frank

-----Original Message-----
From: Saku Ytti [mailto:saku at ytti.fi] 
Sent: Thursday, February 06, 2014 10:34 AM
To: nanog at nanog.org
Subject: Re: Need trusted NTP Sources

On (2014-02-06 07:24 -0800), Michael DeMan wrote:

> A) Run a local set of NTP servers - these are your 'trusted' servers,
under your control, properly managed/secured, fully meshed, etc.

I'm not sure if full-mesh is best practice, the external clients should have
full view of as close to source data as possible.
If in full-mesh you're already masking the data with inaccuracy, giving the
clients less information to make decision?

We used to have full-mesh in our meinbergs, until from their recommendation
we
removed it completely. It makes sense to me, but I don't understand the
issue
deeply.

-- 
  ++ytti






More information about the NANOG mailing list