[ntp:questions] Suitable ntp.conf for public NTP server?
Dennis Hilberg Jr
dhilberg at comcast.net
Sun Oct 29 17:59:07 UTC 2006
Thank you for the information.
"Richard B. Gilbert" <rgilbert88 at comcast.net> wrote in message
news:7ridncEDY6V7N9nYnZ2dnUVZ_v6dnZ2d at comcast.com...
| Dennis Hilberg Jr wrote:
| > Thanks for replying.
| > No, I do not have a static IP address with Comcast. However, I have had
| > good luck with them in this area regarding consistent IP addresses. I
| > to my current home back in the beginning of February 2006, and had the
| > IP address until just about a week ago. At my previous residence, I had
| > same IP address for almost two years.
| > I don't use DynDNS, but I do have a website through a provider that
| > its users to edit their own DNS records. So I created a custom A record
| > my server as a sub-domain of my website, which points to my IP address
| > It works great. So if/when my IP address changes, all I would have to
| > update the A record in my web's DNS configs. Which I think would be
| > than having to submit an IP address change to the pool. But my IP
| > are so infrequent that I think I would be ok. This is really the only
| > reason I'm considering submitting the server, as I really don't want to
| > create any issues for the pool by having an IP address that would change
| > frequently.
| > I do not have a UPS system either. Is this a requirement?
| > After reading your reply, and doing more research, I've come up with
| > ntp.conf:
| > restrict default kod nomodify notrap nopeer noquery
| > restrict 127.0.0.1
| > restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap nopeer noquery
| > server bigben.cac.washington.edu iburst # University of
| > Seattle, WA
| > server utcnist.colorado.edu iburst # JILA Laboratory,
| > University of Colorado
| > server time-nw.nist.gov iburst # Microsoft Corporation,
| > Redmond, WA
| > server father-time.t-bird.edu iburst # The Garvin School of
| > International Managment, Glendale, AZ
| > server time-a.timefreq.bldrdoc.gov iburst # NIST Boulder
| > Boulder, Colorado
| > server clepsydra.dec.com iburst # HP Western Research
| > Laboratory, Palo Alto, CA
| > server time.xmission.com iburst # XMission Internet,
| > Lake City, Utah
| > driftfile /etc/ntp/drift
| > logfile /var/log/ntp/ntp.log
| > statsdir /var/log/ntp/
| > statistics loopstats peerstats clockstats
| > filegen loopstats file loopstats type day enable
| > filegen peerstats file peerstats type day enable
| > filegen clockstats file clockstats type day enable
| > # Authentication parameters
| > #keys /etc/ntp/keys
| > #trustedkey 2 3 4
| > #controlkey 3 # To access the ntpq utility
| > #requestkey 2 # To access the ntpdc utility
| > The keys I do not have set up yet. What would be the purpose of having
| > on a public server? Or maybe I don't understand what the keys are for.
| > doesn't 'noquery' in the default restrictions prevent remote access of
| > and ntpdc?
| > Thanks again.
| The purpose of having keys is to enable you to use the privileged
| functions of ntpdc and ntpq and to prevent strangers from doing so!
| Restrict noquery does prevent people from querying your server via ntpq
| or ntpdc. Your clients, however, might just like to know some of the
| things ntpdc or ntpq could tell them.
| The UPS is not a requirement, just a good idea. Where I live the power
| company doesn't believe in preventative maintenance (like trimming
| trees) so every time we have a wind storm, the power lines contact
| branches, the fuse blows and we have no power for the two to three hours
| it takes them to come out and replace the fuse. One of these days I'm
| going to break down and buy a generator to back up the UPS.
| In a lot of places, the power can "blink" just long enough to cause a
| computer to reboot. A UPS lets you "ride out" all these little glitches
| and gives you ten or fifteen minutes in which to do a clean shutdown
| when the power does go off.
More information about the questions