[ntp:questions] Regarding updation of IP addresses in the ntpd.conf file
Brian Utterback
brian.utterback at oracle.com
Sat Jul 21 18:15:51 UTC 2012
On 7/20/2012 6:23 PM, E-Mail Sent to this address will be added to the
BlackLists wrote:
> Brian Utterback wrote:
>> BlackLists wrote:
>>> server 0.pool.ntp.org
>>> server 1.pool.ntp.org
>>> server 2.pool.ntp.org
>>> server 3.pool.ntp.org
>>>
>>> More recent versions of ntp, might replace all four
>>> of those lines with one line in the conf file, e.g.:
>>>
>>> pool pool.ntp.org
>> Not generally. For some reason each lookup of any of these
>> always returns 3 addresses. Since we still recommend four
>> servers (even if there is some dispute over the reasons),
>> using just pool.ntp.org won't work.
>> Even if you do multiple lookups, if there is anything that
>> does any caching in between you and the DNS server that
>> sets the addresses, you will get the same three.
>> I don't know why there are only three addresses.
>> The simplest solution would be for the round robin DNS
>> servers to give out more addresses, then you could just
>> have the single line.
>
> I think you would have to have DNS servers that are breaking
> several of STD/RFC/ Best common Practices to really see that.
>
> I see that to be not true.
> When using the pool command (instead of server),
> ntp will keep pulling more IPs up to max clock (10 default),
> and then continue to pull more IPs
> whenever it finds a reason to discard a peer,
> and the quantity of peers drops below max clock.
>
> I find that after running a long time,
> you end up with a nice clique of servers,
> with the far away ones in other countries getting discarded.
>
> 10 queries gets 18 unique IPs
> 50 queries gets 33 unique IPs
> 100 queries gets 51 unique IPs
>
> dns\bin>dig pool.ntp.org
> ; <<>> DiG 9.9.1-P1 <<>> pool.ntp.org
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24882
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;pool.ntp.org. IN A
>
> ;; ANSWER SECTION:
> pool.ntp.org. 70 IN A 108.59.14.130
> pool.ntp.org. 70 IN A 64.73.32.134
> pool.ntp.org. 70 IN A 67.18.187.111
>
> ;; Query time: 15 msec
> ;; SERVER: 206.13.29.12#53(206.13.29.12)
> ;; WHEN: Fri Jul 20 14:29:25 2012
> ;; MSG SIZE rcvd: 89
>
>
> dns\bin>dig +short pool.ntp.org
> 184.105.192.247
> 67.18.187.111
> 69.164.217.193
>
As you can see from your own queries, the address pool.ntp.org returns
three addresses and a timeout of 70 seconds. That means that subsequent
lookup of that same hostname can reasonably be expected to return the
same three addresses for up to 70 seconds, if the server that is being
queried is a caching server. Does the logic that does this lookup
repeat the lookup more than 70 seconds later to get new addresses?
Furthermore, this is assuming that the naming service is DNS at the
front end, and that may not be the case. NIS, NIS+, LDAP or others might
be the front end naming service and could have different, longer term
caching strategies and the same three addresses could be returned for
even longer than 70 seconds.
I just tried looking up pool.ntp.org on my Windows Vista system and got
the same IP addresses for 5 minutes before I got bored.
Brian Utterback