[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
NTP Issues Today
After some private replies, I'm going to reply to my own post with
some information here.
It appears many people don't understand how the NTP protocol works.
I suspect many people have configured a "primary" and a "backup"
NTP server on many of their devices. It turns out this is the
_WORST_ possible configuration if you want accurate time:
To protect against two falseticking servers (tick and tock, as we saw on
the 19th) you need _FIVE_ servers minimum configured if they are both in
the list. More importantly, if you want to protect against a source
(GPS, CDMA, IRIG, WWIV, ACTS, etc) false ticking, you need a minimum of
_FOUR_ different source technologies in the list as well.
It's not hard, my box that I posted the logs from peers with 18 servers
using 8 source technologies, all freely available on the Internet...
Leo Bicknell - bicknell at ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 826 bytes
Desc: not available