[ntp:questions] Re: Public servers?
David L. Mills
mills at udel.edu
Thu Jul 31 15:06:32 UTC 2003
Piotr,

I don't understand what you mean by "if somebody don't want to sync to
Windows machine?" In and of itself, that is not a useful quality
discriminator. The mitigation and grooming algorithms in ntpd are a
wonderful quality discriminator and pool.ntp.org is a completely correct
way to discover a swatch of servers from which ntpd can pick.

The public lists have been around for twenty years in one form or
another. I originally intended the lists for use by campus and workplace
network administrators, as in the early days before PCs. They are still
very useful when designing secondary and tertiary NTP subnets, but less
so for j-random PC users. There is no way to make everybody happy about
the lists and I won't even try.

I don't apologize for the liveness or deadness of the public lists, not
even a little. What you see is exactly what I get and I do not volunteer
to groom the lists in any way. Many times in the past some well meaning
folkster has pointed out absent response from one server or another only
to discover the DNS has changed or the server has been temporarily
disabled. I insist on solid evidence, such as notification from the
designated responsible person or confirmed report the server
organization has filed for bankruptcy. The latter happens a lot.

There are scripts around that swallow the lists and independently verify
the entries. The issue is whether the swallower can effectively convey
the access policy for automatic retrieval. We have discussed this issue
many times in the NTP developers corps and have considered various ways
to codify the access rules, but this gets awkward when it comes to
geographic scope. My advice is don't use the lists for j-random PCs.
Better to pester your ISP.

DO NOT CACHE THOSE LISTS. DO NOT CACHE THOSE LISTS. DO NOT CACHE THOSE
LISTS.

The lists change almost on a daily basis. There has been a lot of evil
in my past experience when some j-random boob caches the lists and I get
flak from folks (like you) who complain the lists are out of date. The
mea culpa middle finger points at multiple target cachers. Once you
parse the lists and verify entries and select candidates, update your
configuration file and lobotomize all memory of past actions. Do NOT, as
some silicon boobs do now, do a DNS lookup for every NTP packet sent.

Dave

Piotr Trojanek wrote:
> In article <bg8pim$g9l$1 at dewey.udel.edu>, David L. Mills wrote:
>
>>If your script has discovered primary and secondary servers appearing in
>>the public lists without respecting the access controls, you have done
>>an evil, evil thing.
>
>
> Yes, my fault. The reason was that I had experiences with stratum 1/2 list
> when trying to find server that I could sync to and finding inactive or
> out of sync ones.
>
> Once discovered all data is provided from local database, so no more
> overhead is put on servers. Maybe some kind of more "up to date"
> list than official stratum 1/2 would prevent people from such ideas
> like mine? As stated in pool.ntp.org it provides no way to check quality
> of server we get in DNS round robin -- ie. if somebody don't want to
> sync to Windows machine?
>
> But there really seems to be no way to make everybody happy about
> NTP server lists...:(
>