[ntp:questions] Re: Referencing Outside NTP Server in my Environment.
Steve Kostecke
kostecke at ntp.isc.org
Tue Aug 1 14:26:56 UTC 2006
On 2006-08-01, vb <vbasani at gmail.com> wrote:
> Configured NTP on HP, HP TRU64, Linux and Solaris servers. Each group
> has NTP Server and configured local clock impersonator and is
> referenced in NTP clients.Works good.
Do you mean that each group has an NTP server which is only configured
to the Undisciplined Local Clock (i.e. 127.127.1.x) as a source of time?
> Question is , Can I reference some outside NTP server, like defense or
> any Educational institute to the NTP servers
You should read the Rules of Engagement at http://ntp.isc.org/rules and
choose stratum 2 servers from http://ntp.isc.org/s2 unless you meet the
criteria for using stratum 1 servers. Please avoid using servers that
you don't have permission to use.
> I configured so that in case of a problem, all the clients will be
> synchronized to that of the outside server instead of local clock
> impersonator.
One of the uses for the Undisciplined Local Clock is to provide a clock
of last resort when all other normal synchronization sources (e.g.
Remote Time Servers or Local Refclocks) have gone away.
You seem to have this backwards.
> We not have Radio Receivers
You don't need to use a Local Refclock unless Remote Time Servers aren't
good enough for your application. The Undisciplined Local Clock is _not_
a Refclock.
>and have firewalls.
You need to have port 123/UDP open (bi-directionally) between all of the
systems running ntpd behind your firewall and your chosen Remote Time
Servers. If you are using a Stateful firewall your may not need to
perform any additional configuration.
BTW: The /etc/services extract you posted in another article has nothing
to do with your firewall settings.
--
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions
mailing list