Using BIND - was Re: [ntp:questions] Re: How long do I havetowaitfor sync?

Brad Knowles brad at
Sat Jun 4 16:20:43 UTC 2005

At 10:08 AM +0000 2005-06-04, David J Taylor wrote:

>  Thie idea of configuring my own DNS server to talk directly to the root
>  DNS servers for the Internet had not occured to me, just as one would not
>  normally talk to a stratum one NTP server directly.  [Is there anything to
>  learn from this for the NTP guys?].

	The reason this works for the DNS and not for NTP is that the 
information you get back from the DNS is cached for long periods of 
time, and all the root nameservers do is hand out referrals.  They 
have a relatively small zone of information regarding .com, .edu. 
.gov, and all the country-code top-level-domains (ccTLDs), and that's 
all they know.  The real information is provided by the servers below 
that level, and because of caching you almost never contact the root 
nameservers directly.

	Imagine if you were asking for information from the Stratum-1 
time servers, and all they did was provide referrals to time servers 
that are closer to you, but did not actually provide any answers 
themselves.  Of course, you would then contact these time servers 
that are closer to you, and they might provide referrals to other 
time servers that are even closer (and further down in the stratum 
chain).  Once you finally found the time servers which are closest to 
you, you would never again go talk to any upstream time servers, 
unless your machine was rebooted or you manually changed the 
configuration, etc....

	Under circumstances like this, the Stratum-1 time servers might 
actually be able to hold up under the load of millions and billions 
of machines around the 'net.  The analogy doesn't quite completely 
hold, but that's about the closest I can come.

	Now, imagine that you could locate extra "copies" of the 
Stratum-1 time servers all around the world, using routing tricks to 
make the same IP address appear to be in fifty or more locations on 
the Internet.  The root nameservers do this today ( 
alone has more than fifty instances around the world), through a 
technique called "anycast".

	The closest you get with NTP is something called "manycast", but 
which does also significantly reduce the load on the upstream time 

>  I've added the .invalid at the end of my address (although while writing
>  this post rather than before writing, so it may not appear) to alleviate
>  any excess load I may be causing.

	It worked.  Thanks!

Brad Knowles, <brad at>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <> for more info.

More information about the questions mailing list