[ntp:questions] Re: Referencing Outside NTP Server in my Environment.

Steve Kostecke kostecke at ntp.isc.org
Tue Aug 1 14:26:56 UTC 2006

On 2006-08-01, vb <vbasani at gmail.com> wrote:

> Configured NTP on HP, HP TRU64, Linux and Solaris servers. Each group
> has NTP Server and configured local clock impersonator and is
> referenced in NTP clients.Works good.

Do you mean that each group has an NTP server which is only configured
to the Undisciplined Local Clock (i.e. 127.127.1.x) as a source of time?

> Question is , Can I reference some outside NTP server, like defense or
> any Educational institute to the NTP servers

You should read the Rules of Engagement at http://ntp.isc.org/rules and
choose stratum 2 servers from http://ntp.isc.org/s2 unless you meet the
criteria for using stratum 1 servers. Please avoid using servers that
you don't have permission to use.

> I configured so that in case of a problem, all the clients will be
> synchronized to that of the outside server instead of local clock
> impersonator.

One of the uses for the Undisciplined Local Clock is to provide a clock
of last resort when all other normal synchronization sources (e.g.
Remote Time Servers or Local Refclocks) have gone away.

You seem to have this backwards.

> We not have Radio Receivers

You don't need to use a Local Refclock unless Remote Time Servers aren't
good enough for your application. The Undisciplined Local Clock is _not_
a Refclock.

>and have firewalls.

You need to have port 123/UDP open (bi-directionally) between all of the
systems running ntpd behind your firewall and your chosen Remote Time
Servers. If you are using a Stateful firewall your may not need to
perform any additional configuration.

BTW: The /etc/services extract you posted in another article has nothing
to do with your firewall settings.

Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/

More information about the questions mailing list