[ntp:questions] Advice on a private stratum 2 pool

Jason Rabel jasonrabel99 at gmail.com
Thu Jul 4 14:50:25 UTC 2019

You never mentioned what your "clients" are going to be using? Are
they running NTP too and will be able to choose multiple sources, or
are they basically SNTP clients requesting time from only one server?

As someone else said, using 'peer' really isn't useful or necessary
*unless* your connection is flaky and expect the S2 servers will need
to free-run, or you are trying to keep consistent time across multiple
locations. Also the server(s) will only drop to S3 *if* the S1 sources
become a worse source of time. 'Peer' doesn't take priority over
'Server', it all depends on who has the time with the least amount of

> Do you think that I should be using the same 4 upstream NTP stratum 1
> servers on all my stratum 2 servers? My failure scenario is if one of
> those upstream is faulty, my pool detect it and everything continues
> to work (and if my Internet connection is dead, I have more bigger
> problems than NTP going out of sync)

No! You want diversity for each of your servers! Even though you are
using multiple upstream servers, it is still best to "spread out the
risk"... Technically 3 servers would be the bare minimum (which
provides no redundancy), however generally you want no less than 4 and
no more than 7 servers. I personally try to stay towards the upper end
if at all possible (but I do not choose all stratum 1's).

The general rule is for 2n+1 to protect against "n" falsetickers. So
with 4 upstream servers, you are really only protected against 1 bad
server. However, with 5 upstream, then you are protected against 2
falsetickers, and so on...

Do not feel like you *must* choose all S1 servers for your primary NTP
servers. S2, and even a S3 is okay to have in your mix *if* they all
reasonably agree on the time. The only caveat is you wouldn't want a
S2 server to be using the same S1 server as you already have in your

Finally, if you haven't already checked, 'time.apple.com' has been a
good time source (for my servers at least). On the other hand
'time.cloudflare.com' was showing a constant 2ms offset from the rest
of the group.

More information about the questions mailing list