[ntp:questions] [pool.ntp.org] 87 servers so far / web server configuration / some other small things

Adrian 'Dagurashibanipal' von Bidder varys at fortytwo.ch
Tue Sep 16 17:41:23 UTC 2003

Yo all!

It has been a while since the last newsletter.  Mainly, this is because not
much has been happening.  The project still grows by roughly 1 server every

Topics today:
 - zone count
 - entering pool.ntp.org in your web browser
 - problems with some resolver libraries
 - nameserver changes
 - future: monitoring

current zone count

 There are a few zones with only 1 or 2 servers - I don't recommend using
these, as a server failure effectively kills your ntp configuration. The
zones with 3 and more servers are:

      3 fr.p.n.o
      3 pl.p.n.o
      5 nz.p.n.o
      6 oceania.p.n.o
      7 de.p.n.o
     10 ch.p.n.o
     10 nl.p.n.o
     33 us.p.n.o
     34 north-america.p.n.o
     46 europe.p.n.o
     87 pool.ntp.org

Thanks to all contributors!

pool.ntp.org in your web browser

 If you type pool.ntp.org (or nl.pool.ntp.org or north-america.pool.ntp.org)
in your web browser, it shows a random web site which has probably nothing
to do with the pool.ntp.org project.  This is only natural, since the idea
of the project was to distribute the pool.n.o addresses over as many hosts
as possible.

 But as the project is targetted as not-so-tech-savvy users who might be
confused by this, I suggest that you add a virtual host to your web server
configuration - if this is possible (I do *not* consider this a
requirement. It's just one of these nice-to-have things that would not be
much work if you happen to run a webserver on your ntp server anyway). On
apache, the configuration would be:
| <VirtualHost *:80>
|     ServerName pool.ntp.org
|     ServerAlias <continent>.pool.ntp.org
|     ServerAlias <country>.pool.ntp.org
|     Redirect permanent / http://www.pool.ntp.org/
| </VirtualHost>
Where <country> and <continent> of course are replaced to match your
timeserver's location.

resolver libraries

The 'Round-Robin' thing...

 It was reported that the nameserver caching daemon (nscd) of Sun's
operating system does not rotate cache entries - so, the sample config file
of the web site does not work, since the same server is added three times.

 If you're affected by this, three strategiese offer itself:
 - if you can, install a caching nameserver in your local network (one that
does rotate entries) and disable the nscd on all systems (or at least for
DNS resolution on the timeservers).
 - use different names in your timeserver config (like
        server ch.pool.ntp.org
        server ch.time.fortytwo.ch
        server nl.pool.ntp.org
        server nl.time.fortytwo.ch
(yes, the old time.fortytwo.ch names do still work)
 - manually pick a number of satisfying timeservers from the list returned
by the 'host' or 'nslookup' program.

 Another solution would be to re-introduce sub-zones like
{1,2,3}.pool.ntp.org.  Personally, I think that would be a step backwards,
and also I don't really like the many zones that would create (for
country-level and continent-level zones, too).  If this issue comes up more
often I could be persuaded otherwise, but right now I don't think it's
worth the bother.

nameserver things

 Since f.ns.madduck.net seems to be down (and the administrator indicated
that it likely will be unreliable in the future) I have to request a change
in the nameserver configuration.  I have taken this opportunity to
distribute the nameservers a bit more evenly over the world - thanks go to
Simon Lyall and Dale E Martin for providing nameservers in the US and in
NZ.  Of course, thanks go to Martin F. Krafft and Bart-Jan Vrielink, too,
for providing the other nameservers, as well as those who have offered
additional backup DNS servers - nameservers should not be a problem for a
long time.

 Note that these changes need yet to be implemented by the folks at UDel who
operate the ntp.org nameserver, so it will be a few days.  For anybody
using the zone or contributing his timeserver, nothing should change.


An interesting debate was started by Tim Shoppa on the
timekeepers at fortytwo.ch mailing list about the quality of the pool.ntp.org
time service.  While I still think that anybody who really cares about
accuracy should not be using the pool in his ntp.conf file, but should
manually pick his servers, the concerns that the zone should be quicker to
drop obvious falsetickers and unreachable servers are valid.  I will play
around with a nameserver containing the whole pool, ntpq, and a database
backend to store the pool information to see how I can automate the
monitoring further.  I won't promise a date here, though - everybody knows
that 24h/day are just too little time to do everything we want...

Ok, I think this is all. In case you've got more questions, as always, the
mailing list at timekeepers at fortytwo.ch is the right place to ask.  Or, for
more general things, the comp.protocols.time.ntp newsgroup.

-- vbi

Verbogeny is one of the pleasurettes of a creatific thinkerizer.
        --  Peter da Silva

More information about the questions mailing list