[ntp:questions] Re: Public servers?

Tim Hogard thogard at abnormal.com
Thu Jul 31 13:27:14 UTC 2003


David L. Mills (mills at udel.edu) wrote:
: Tim,
: 
: I'm not sure we should be having this discussion. I make no claims 
: whatsoever about the public lists other than to put up whatever folks 
: send me without any checking whatsoever. Life is too short. I do insist, 
: quite radically in fact, that the access conditions be really and truly 
: respected, having been victim myself of folks who have violated them on 
: our time servers for 17 years (sic!).
: 
: If you have an alternate scheme other than the public lists and 
: pool.ntp.org, it should be posted on the web at www.ntp.org. The twenty 
: volunteer servers returned from a DNS query to pool.ntp.org have agreed 
: to open access and are scattered all over the world.
I'm working on that.  I've been in contact with someone else.

: Your scheme should be useful in other cases, as long as the servers have 
: agreed to open access. Remember, open access can lead to (and has in 
: several cases) to over 300 packets per second and in one case (U 
: Wisconsin) several thousand packets per second. This is why our primary 
: servers have serious access restrictions and draconion traffic shaping. 
: I do not in any way want those servers to be accidently discovered 
: without access restrictions being very visible and respected.
I generate a different list for everyone that hits the server.   The
only way its going to "discover" a limited access stratum one or
two server is if you run a web browser on that server.  All it does
it ask nearby routers for the time using an NTP version 1 packet.
If any of these routers are bothered by 300 packets per second,
they have many other problems.

I will change the wording on the output page a bit.

I am well aware of the problem with the stratum 1/2 servers and them
being overloaded (including the recent issue at csiro).

The problem I'm tring to solve is people hear about NTP, and think
it would be good not to set their clocks again.  The go to google and
find your page about NTP servers.  They figure they are a little
unimportaint site and set things up to talk to a stratum 1 server wihout
asking.  Sometimes they even put the IP address into a device and
then ship a few hundred thousand.  Thats what we both want to stop.

You also have the people who figure stratum two is ok but stratum
1 must be better.  After reading "In most cases the accuracy of the
NTP secondary (stratum 2) servers is only slightly degraded relative
to the primary servers and, as a group, the secondary servers may
be just as reliable.", they are more likly to use a stratum 1 server.
Degraded time and lower reliabilityto the average person means the
clocks could be minutes slow as opposed to miliseconds off.

I've had that discussion with someone before.  In the end I convinced
him that he should find a stratum 3 because the stratum 1 servers
were for radio telescopes and scientist and in general sent more
zero bits to his server than the stratum 3 server would.  He was
looking for something to reset his clock every hour and had no
business using a stratum one server.  I wrote the script after that
because I got tired of explainging traceroute and ntpdate.

I would like to see your page have some wording along the lines of:
If your tring to sync your pc network so that the time is within a
second or so, please consider looking here for a server with a link
to pool.ntp.org.

I would also think it would be a good idea to put the wording like
"Do no use any of these as default servers in software package or
hardware device without first contacting the server operator and
obtaining permission"

I'm now off to add more words of warning to my script...

-tim
http://web.abnormal.com



More information about the questions mailing list