[ntp:questions] Re: ntpd and ACTS
Terje Mathisen
terje.mathisen at hda.hydro.com
Thu Nov 11 07:13:41 UTC 2004
Brad Knowles wrote:
> At 4:44 PM -0600 2004-11-10, Walter L. Preuninger II wrote:
>
>> Our president does not want any of our internal machines connected to
>> the internet. In fact, I have to go to a completely different office
>> just to send this.... Only dedicated computers have internet access.
>
>
> In those kinds of cases, setting up your own internal time server
> that is directly connected to a refclock (e.g., GPS, WWV/WWVB/CHU/DCF77,
> ACTS) is probably the only option you're likely to have available to you.

There is one other option:

Use a serial line as the NTP interface, i.e. write a tiny program that
goes around in a small loop, waking up for a little while (say up to 10
ms each second), while running at maximum priority:

    while (1) {
        getcurrenttime(&sec, &ms);
        /* Sleep until we're close to the end of the second
           (usleep() takes microseconds, so convert from ms): */
        if (ms < 990)
            usleep((990 - ms) * 1000);
        /* Start a tight loop waiting until the second ticks over: */
        do {
            prev_ms = ms;
            getcurrenttime(&sec, &ms);
        } while (ms >= prev_ms);
        /* We have just ticked over, send the current time as a (fake)
           radio clock signal, any of the PARSE clocks can be used.
         */
        len = format_time(&buf, sec);
        /* Send it out on a serial/tty port: */
        write(ttyfd, buf, len);
    }

I.e. with this approach there is only a one-way serial connection
between a single externally-connected machine (running full NTPD) and
one system on the inside of the disconnected/secure network, with no
possibility of using that connection to take over the internal net. To
be extra safe, remove all lines from the serial cable except ground and
transmit. :-)

An optional tweak would be to toggle a modem control line on top of the
second, so as to emulate a PPS source for the internal systems, but just
using the serial signal is probably enough.
Terje
--
- <Terje.Mathisen at hda.hydro.com>
"almost all programming can be viewed as an exercise in caching"
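
Added example, not part of the original post: a C version of the sender loop described in the message above that also enforces the one-way property in software, by opening the port write-only and leaving the UART receiver (CREAD) disabled. The device path /dev/ttyS0, the 9600 8N1 settings, the helper names and the timestamp line are assumptions; the line is a constructed placeholder, not the format of any real refclock driver.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <termios.h>
#include <time.h>
#include <unistd.h>

/* Milliseconds to sleep so that we wake about 10 ms before the next second. */
long coarse_sleep_ms(const struct timespec *now) {
    long ms = now->tv_nsec / 1000000L;
    return ms < 990 ? 990 - ms : 0;
}

/* Raw 9600 8N1 output with CREAD left clear, so the UART receiver is off. */
void make_tx_only(struct termios *t) {
    t->c_iflag = 0;
    t->c_oflag = 0;
    t->c_lflag = 0;
    t->c_cflag = CS8 | CLOCAL;
    cfsetospeed(t, B9600);
}

/* Constructed placeholder line, not a real refclock format. */
int format_time(char *buf, size_t n, time_t sec) {
    struct tm tm;
    gmtime_r(&sec, &tm);
    return (int)strftime(buf, n, "T %Y-%m-%d %H:%M:%S UTC\r\n", &tm);
}

int main(int argc, char **argv) {
    const char *dev = argc > 1 ? argv[1] : "/dev/ttyS0";  /* assumed port */
    /* Write-only; O_NONBLOCK so open() does not wait for carrier on a TX-only cable. */
    int fd = open(dev, O_WRONLY | O_NOCTTY | O_NONBLOCK);
    struct termios t;
    if (fd < 0 || tcgetattr(fd, &t) < 0) { perror(dev); return 1; }
    make_tx_only(&t);
    if (tcsetattr(fd, TCSANOW, &t) < 0) { perror("tcsetattr"); return 1; }
    for (;;) {
        struct timespec now, nap = {0, 0};
        char buf[64];
        clock_gettime(CLOCK_REALTIME, &now);
        nap.tv_nsec = coarse_sleep_ms(&now) * 1000000L;
        nanosleep(&nap, NULL);
        clock_gettime(CLOCK_REALTIME, &now);
        time_t start = now.tv_sec;  /* spin until this second ends */
        do clock_gettime(CLOCK_REALTIME, &now); while (now.tv_sec == start);
        int len = format_time(buf, sizeof buf, now.tv_sec);  /* just ticked */
        if (write(fd, buf, (size_t)len) != len) { perror("write"); return 1; }
    }
}
```

If the coarse sleep overshoots the tick, the loop waits for the following second rather than sending a late timestamp.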