[time-nuts] can of worms: time-of-day in a community radio station
Hal Murray
hmurray at megapathdsl.net
Sun Oct 20 23:58:20 UTC 2019
themadbeaker at gmail.com said:
> In reference to using the NTP Pool, someone mentioned they don't trust them
> and the possibility of a "rogue" server. The NTP Pool has a monitor that is
> constantly querying every server in the pool, if the time drifts too far it
> is removed from the DNS rotation.
There is a catch. The pool code in ntpd never goes back to check to see if a
server has been kicked out of the pool or resigned. As long as the server
keeps responding, it will be used but subject to the usual filtering rules.
If it stops responding, ntpd will drop it and do another DNS query to get a
replacement. (There may be some hysteresis on how-many.)

Note that there are 2 ways to use the pool. You can say
  server pool.ntp.org (or us.pool.ntp.org or 0.us.pool.ntp.org)
That will latch on to one of the servers in the pool.
It won't do the replacement dance I described above.
Next time you boot or otherwise restart ntpd you will probably get a different
server.

In the old days, before ntpd supported the pool command in ntp.conf, it was
common to see things like:
  server 0.pool.ntp.org
  server 1.pool.ntp.org
  server 2.pool.ntp.org
  server 3.pool.ntp.org
(Slot 2 also returns IPv6 addresses.)

You can also say:
  pool us.pool.ntp.org
That will take several servers from the DNS response and try again later if it
needs more.

> Also, none of the servers in the pool
> should be using leap-smearing (a requirement you mentioned).
You can't test a server for smearieness. It wouldn't surprise me if some of
them turn out to be getting time from google servers or something similar.
--
These are my opinions. I hate spam.
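
Added example (not part of the original post, and not ntpd or NTP Pool code): since ntpd keeps any pool-acquired server that still responds and relies on its own filtering, an operator can triage `ntpq -pn` output to see which peers answer polls but were rejected by selection. The peer table below is constructed, using documentation address ranges, and the bucket names are this example's own.

```python
# Added example: triage of `ntpq -pn` output. SAMPLE is constructed, not captured.
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 us.pool.ntp.org .POOL.          16 p    -   64    0    0.000    0.000   0.000
*192.0.2.10      .GPS.            1 u   33   64  377   12.104    0.213   0.101
+198.51.100.7    192.0.2.99       2 u   12   64  377   25.870   -0.540   0.322
x203.0.113.5     198.51.100.1     2 u   40   64  377   31.002  412.733   1.950
-198.51.100.23   203.0.113.77     3 u   18   64  377   88.410    4.915   0.870
 192.0.2.44      .INIT.          16 u    -   64    0    0.000    0.000   0.000
"""

# ntpq tally codes (first character of each peer line).
TALLY = {"*": "sys.peer", "o": "pps.peer", "+": "candidate", "#": "backup",
         "-": "outlier", "x": "falseticker", ".": "excess", " ": "reject"}

def parse_peers(text):
    """Yield one dict per association, skipping the header and pool placeholders."""
    for line in text.splitlines()[2:]:
        fields = line[1:].split()
        if len(fields) != 10:
            continue  # blank or malformed line
        remote, refid, _st, typ, _when, _poll, reach, _delay, offset, _jit = fields
        if typ == "p" or refid == ".POOL.":
            continue  # prototype entry created by the `pool` directive
        yield {"remote": remote,
               "tally": TALLY.get(line[0], "unknown"),
               "reach": int(reach, 8),       # reach is an octal shift register
               "offset_ms": float(offset)}

def review(text):
    """Sort peers into buckets by reachability and selection status."""
    report = {"selectable": [], "responding_but_rejected": [], "unreachable": []}
    for p in parse_peers(text):
        if p["reach"] == 0:
            # No recent replies: the case where ntpd drops a pool server.
            report["unreachable"].append(p["remote"])
        elif p["tally"] in ("falseticker", "outlier", "reject"):
            # Still answering, so still polled, but not used to set the clock.
            report["responding_but_rejected"].append(p["remote"])
        else:
            report["selectable"].append(p["remote"])
    return report

if __name__ == "__main__":
    for bucket, hosts in review(SAMPLE).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

This only reports what ntpd's own selection decided; it says nothing about whether a server is still listed in the pool or whether it smears leap seconds.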