[ntp:questions] Yet Another Isolated Network Question

Brad Knowles brad at stop.mail-abuse.org
Thu Dec 16 22:23:29 UTC 2004

At 4:59 PM +0000 2004-12-16, Bruce Baumgart wrote:

>  1) It will remain completely, totally private.  No outside connections,
>  no matter how brief.  Never.
>  2) I cannot simply add a GPS/WWVB/etc receiver.  End of discussion.

	Hmm.  Sounds like the application might be for a classified 
network, or at least one handling highly sensitive data.

	In this case, were it me, I would be looking for a way to add an 
accurate timing reference, such as an oven-stabilized crystal 
oscillator (OCXO), or perhaps even a rubidium clock.  There's no 
connection to the outside world, so the absolute time is whatever you 
set on the server according to your watch (or whatever).  But at 
least the drift will be relatively tightly controlled.

>  3) I cannot alter connection methods, topology, etc.

	What does this mean?  Does this mean you can't change what 
software runs on what server?  Does this mean that you can't 
physically change what is plugged into what, even down to the level 
of a mouse or keyboard, or a serial cable to an external timing 
reference device which is not otherwise connected to anything else in 
the world (other than a power source)?

>  4) I am not interested in sub-second synchronization.  When I got brought
>  in, the DNS server and the SMTP server were 1/2 an hour apart, and had
>  been that way for a long time.  +/- a few seconds is fine <shudder>.

	I understand, but the situation that you inherited was caused by 
drift.  I would think that drift is something you'd care about, and 
want to try to keep under reasonably tight control.  Ideally, I would 
think that you would want an external reference device against which 
ntpd can compare the internal local clock, as opposed to just 
depending on the local clock.

>  Will NTP work the way I think it will in these circumstances?  Mainly
>  thinking about the local server serving time, not drifting too far, etc?

	I confess that my knowledge of NTP is not nearly as deep as you 
will find in some other people on this group, but I would expect that 
this should, more or less, work basically the way you want.

>  Is there a better way, given my loose requirements and draconian
>  restraints?

	The one thing I'd look at would be adding an OCXO to the 
server(s) as a reasonably accurate relative time reference -- they 
won't pull data out of the airwaves (or any other method) to tell you 
what the time currently is, but they'll give you a pretty good idea 
of just exactly how long a second really is, and should help you keep 
your drift to a minimum.

	But maybe that's just me.

Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.
