Need trusted NTP Sources
Jay Ashworth
jra at baylink.com
Sun Feb 9 00:43:36 UTC 2014
----- Original Message -----
> From: "Saku Ytti" <saku at ytti.fi>
> On (2014-02-06 21:14 -0500), Jay Ashworth wrote:
> > My usual practice is to set up two in house servers, each of which
> > talks to:
> >
> > And then point everyone in house to both of them, assuming they
> > accept multiple server names.
>
> Two is worst possible amount of NTP servers to have. Either one fails and your
> timing is wrong, because you cannot vote false ticker. And chance of either of
> two failing is higher than one specific of them.
Fair point.
In practice, it never bit me because nearly everything that wanted NTP
would only accept one server name (being windows) and the things that
*did* take more than one, I generally pointed to both internals, and
something outside the firewall as well.
In the architecture I described, though, is it really true that the odds
of the common types of failure are higher than with only one?
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
More information about the NANOG
mailing list