[ntp:questions] Re: Mother Of All Clocks

Heiko Gerstung hg at heiko-gerstung.de
Tue Mar 29 04:17:55 UTC 2005


Todd Knarr <tknarr at silverglass.org> wrote in message news:<l5X1e.44611$le4.28199 at fed1read04>...
> In comp.protocols.time.ntp <88e50c98.0503280110.28153631 at posting.google.com> Heiko Gerstung <hg at heiko-gerstung.de> wrote:
> > stringent. Of course there is a protection against the loss of power
> > (UPS) and other problems.
> 
> Protection against accidental loss of power, probably. Thing is, I've
> noticed that the worst problems aren't accidents. I'd be less worried,
> for example, about a wiring failure than some clueless tech deciding for
> whatever misguided reason that that rack needed disconnected and
> methodically pulling every single power and/or cord out of it. And with
> the one-big-rack approach, the failure here is catastrophic: all
> networks completely lose all time-sync capability at once, with no
> backup. If their timestamp requirements are that stringent, this would
> be a major problem, wouldn't it? I can understand the desire to avoid
> physical interconnection (and it's a good desire, few attacks can bridge
> an air gap), but I'd be worried about the single-point-of-failure
> introduced as a result (especially if it were my job on the line when
> one of the unclued did something inventively stupid).

Sounds like the classic cleaning staff effect (CSE), where some
friendly guy needs some power for his vacuum cleaner ("hey, why the
hell our servers are rebooting each evening at 7pm?") :-)

No one is getting 100% security, I guess. But if you are dealing with
high security server rooms, you can be sure that they at least will
have a picture of that guy ;-). Seriously, I would not give you a
guarantee that your scenario could not happen, but I know that this
kind of customers even deals with that and does not allow anyone to
freak around in their server rooms.

We have customers with extremely high security constraints (I'd call
it "paranoia"), think of air traffic control authorities or the guys
wearing a uniform  (hey, maybe being paranoid is OK in _this_ case).
You will not get even close to their server racks without a nice guard
on your side and these guys can get really unfriendly if you are
trying to touch a cable...

Kind regards,
Heiko



More information about the questions mailing list