[ntp:questions] Re: Sufficient # servers to sync to
brad at stop.mail-abuse.org
Thu Mar 17 17:02:38 UTC 2005
At 3:19 PM +0000 2005-03-17, John Sasso wrote:
> Question regarding 3 NTP servers and sanity-checking. I can understand that
> if one out of the 3 failed such that it could not longer be contacted then
> the other two would pose a dilemma to the client, as you noted. However,
> suppose the one failed in such a manner that it could still be contacted and
> give out time but it provided clearly erroneous time. In this situation,
> wouldn't the other two provide a "sanity check" against the falseticker?
No. Three servers gives you absolutely no protection against
falseticker. If you want that, you have to use at least four. If
you ever fall down below four, you've got a problem.
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the questions