[ntp:questions] Re: Architecture / best practice for small/medium company setups

Joachim Schrod jschrod at acm.org
Fri Jun 30 09:40:08 UTC 2006


Richard B. Gilbert wrote:
> 
> If you want to use four peered servers you need a minimum of seven 
> upstream servers to do it right; one unique server for each of your 
> servers and three others to be shared by all.  Do you REALLY need four 
> peered servers?

Richard, that was actually the question I was posing: How many timeservers does
one need in an environment as I have described it? Since this is my question, I
cannot answer it myself directly, but am looking for help towards an answer.
As I wrote, there is *no* demand for high precision, all applications use time
with a granularity of seconds and not below.

Nevertheless, Brian argues vehemently to use always four servers, even for small
and medium companies. Maarten says use two, one master and one backup; Harlan
agrees with him.

Well, then: how many? Currently, for me the decision tree looks like:

Case 1)
  -- Are you willing to spend the money and the effort to set up two refclocks?
     (The money if they are prepared systems, like Meinberg's; the effort if
     you buy cards, place them in your own servers, and configure ntpd)
==> if yes, set up one or two own primary servers and sync to them

Case 2)
  -- Do you have demands for high reliability?
  -- Do you have four Unix/Linux servers (i.e., always-on) with Internet
     connections?
  -- Are you are willing to spend the time to locate seven upstream servers?
==> Then use four internal timeservers.
==> Otherwise, use two internal timeservers, one that is synced to the pool
     and the second as backup.

The connection between these two cases is still unclear to me. If I have own
primary servers with refclocks (case 1); should I still set up internal
timeservers (case 2)? Just this week was the discussion on the newsgroup that
almost all refclocks run seriously astray from time to time. As far as I
understood, internal xntpd timeservers protect against that, and should
therefore be used in any case.

> How about two servers, one with a GPS refclock and one with a DCF77 refclock?

I have hoped that Internet timeservers would suffice.

>> Is this really the recommendation that I should formulate for the NTP 
>> Support Wiki? That's why I asked how many company servers should sync 
>> to Internet servers.
> 
> When you get a configuration that works for you, then you can consider 
> writing an article for the Wiki.  If you have done something really 
> unique and clever you should definitely write about it.

Perhaps I should make more explicit why I'm posing this questions, obviously I
haven't been clear enough. My main interest is to collect information, to be
able to write up a procedural step-wise how-to in the NTP Wiki, respectively
improve the page that is there. (Or I will place it somewhere else if the Wiki
won't take it). I am not interested in something unique or clever, I'm
interested in best practice for generic medium companies. With as few decisions
and as little work as possible. Something like: You want NTP? Do a, b, c; then
you're finished.

This interest was triggered by a question of a friend in a company with 50
computer systems, 8 of them are Unix/Linux systems, 6 always-on servers. He
asked me how to set up NTP in his company. My personal experience is a setup for
30,000 hosts and doesn't scale down well to his situation. So I pointed him
towards the NTP Wiki and the NTP documentation. Well, he returned and told me
that the information there is not clear enough for him. It demands too many
decisions where he doesn't know how to make them -- and I don't know the answer
either. Reading the documentation, it is not really clear
  -- how many timeservers one should use when one has just 50 computers,
     (or 30, or 80 computers; something in this ballbark)
  -- how does one select reference servers (how many, which ones)
  -- how does one configure them to get sensible protection against typical
     hardware outages, but not against disasters. High availability is not
     necessary here, some degraded mode before a replacement system is set
     up suffices.

Since he wasn't the first aquaintance who asked me question about NTP setups in
similar environments (as I wrote, between 10 and 100 computers that have to be
served), I decided to write something up for him and others in this situation.
(My personal advantage will be a dinner for helping him with his setup. :-)

I hope that makes the context of my questions clearer.

	Joachim

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod				Email: jschrod at acm.org
Roedermark, Germany




More information about the questions mailing list