[ntp:questions] peer command and clusters
E-Mail Sent to this address will be added to the BlackLists
Null at BlackList.Anitech-Systems.invalid
Tue Mar 29 21:01:17 UTC 2011
Florin Andrei wrote:
> Let's assume I upgrade to a newer version that accepts
> the "source" keyword. Then how about this config?
>
> Is there are risk of too many internal servers picking
> other internal servers to sync their time - and not
> enough servers using external sources?
> Should I skew the selection using "prefer" with the
> external servers?
>
> Ideally, I'd like most of my NTP servers to use the
> public pool most of the time.
> The peers are there "just in case".
> But if some of my servers sync up preferentially
> to some other internal servers, that's fine.
>
> server 0.us.pool.ntp.org
> server 1.us.pool.ntp.org
> server 2.us.pool.ntp.org
> server 3.us.pool.ntp.org
pool us.pool.ntp.org iburst preempt prefer # current NTP will spin up as many as it needs (up to maxclock).
> peer ntp1 iburst
peer ntp2 iburst # NTP tosses loops by itself, not necessary to comment out your own name
> peer ntp3 iburst
> peer ntp4 iburst
> peer ntp5 iburst
> peer ntp6 iburst
>
> driftfile /var/lib/ntp/drift
>
> restrict source nomodify notrap noquery
restrict source nomodify notrap # noquery seems unnecessary on that line?
> restrict XXX.YYY.ZZZ.0 mask 255.255.255.0 nomodify notrap # allow NTP clients to query this server
As long as _all_ your peers and clients are within XXX.YYY.ZZZ. IP space?
> restrict 127.0.0.0 mask 255.0.0.0 # allow local queries
> restrict default ignore # disallow everybody else
# Perhaps
tos cohort 1 # allows sync to server at the same stratum
tos minclock 5 minsane 4 # only for your servers / peers
# manycast can be used to allow your clients to automatically discover your servers, e.g.
keys "/etc/ntp.keys" # e.g. contains: 123 M YOUR_MD5_KEY
trustedkey 123
manycastclient 224.0.1.1 key 123 preempt prefer
manycastserver 224.0.1.1 # only for your servers
--
E-Mail Sent to this address <BlackList at Anitech-Systems.com>
will be added to the BlackLists.
More information about the questions
mailing list