[ntp:questions] Suitable ntp.conf for public NTP server?

Dennis Hilberg Jr dhilberg at comcast.net
Sun Oct 29 17:59:07 UTC 2006


Thank you for the information.

"Richard B. Gilbert" <rgilbert88 at comcast.net> wrote in message 
news:7ridncEDY6V7N9nYnZ2dnUVZ_v6dnZ2d at comcast.com...
| Dennis Hilberg Jr wrote:
|
| > Thanks for replying.
| >
| > No, I do not have a static IP address with Comcast.  However, I have had
| > good luck with them in this area regarding consistent IP addresses.  I 
moved
| > to my current home back in the beginning of February 2006, and had the 
same
| > IP address until just about a week ago.  At my previous residence, I had 
the
| > same IP address for almost two years.
| >
| > I don't use DynDNS, but I do have a website through a provider that 
allows
| > its users to edit their own DNS records.  So I created a custom A record 
for
| > my server as a sub-domain of my website, which points to my IP address 
here.
| > It works great.  So if/when my IP address changes, all I would have to 
do is
| > update the A record in my web's DNS configs.  Which I think would be 
easier
| > than having to submit an IP address change to the pool.  But my IP 
changes
| > are so infrequent that I think I would be ok.  This is really the only
| > reason I'm considering submitting the server, as I really don't want to
| > create any issues for the pool by having an IP address that would change
| > frequently.
| >
| > I do not have a UPS system either.  Is this a requirement?
| >
| > After reading your reply, and doing more research, I've come up with 
this
| > ntp.conf:
| >
| >
| > restrict default kod nomodify notrap nopeer noquery
| > restrict 127.0.0.1
| > restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap nopeer noquery
| >
| > server bigben.cac.washington.edu   iburst       # University of 
Washington,
| > Seattle, WA
| > server utcnist.colorado.edu        iburst       # JILA Laboratory,
| > University of Colorado
| > server time-nw.nist.gov            iburst       # Microsoft Corporation,
| > Redmond, WA
| > server father-time.t-bird.edu      iburst       # The Garvin School of
| > International Managment, Glendale, AZ
| > server time-a.timefreq.bldrdoc.gov iburst       # NIST Boulder 
Laboratories,
| > Boulder, Colorado
| > server clepsydra.dec.com           iburst       # HP Western Research
| > Laboratory, Palo Alto, CA
| > server time.xmission.com           iburst       # XMission Internet, 
Salt
| > Lake City, Utah
| >
| > driftfile /etc/ntp/drift
| > logfile /var/log/ntp/ntp.log
| >
| > statsdir /var/log/ntp/
| > statistics loopstats peerstats clockstats
| > filegen loopstats file loopstats type day enable
| > filegen peerstats file peerstats type day enable
| > filegen clockstats file clockstats type day enable
| >
| > # Authentication parameters
| >
| > #keys           /etc/ntp/keys
| > #trustedkey     2 3 4
| > #controlkey     3       # To access the ntpq utility
| > #requestkey     2       # To access the ntpdc utility
| >
| >
| > The keys I do not have set up yet.  What would be the purpose of having 
keys
| > on a public server?  Or maybe I don't understand what the keys are for. 
And
| > doesn't 'noquery' in the default restrictions prevent remote access of 
ntpq
| > and ntpdc?
| >
| > Thanks again.
| <snip>
|
| The purpose of having keys is to enable you to use the privileged
| functions of ntpdc and ntpq and to prevent strangers from doing so!
| Restrict noquery does prevent people from querying your server via ntpq
| or ntpdc.  Your clients, however, might just like to know some of the
| things ntpdc or ntpq could tell them.
|
| The UPS is not a requirement, just a good idea.  Where I live the power
| company doesn't believe in preventative maintenance (like trimming
| trees) so every time we have a wind storm, the power lines contact
| branches, the fuse blows and we have no power for the two to three hours
| it takes them to come out and replace the fuse.  One of these days I'm
| going to break down and buy a generator to back up the UPS.
|
| In a lot of places, the power can "blink" just long enough to cause a
| computer to reboot.  A UPS lets you "ride out" all these little glitches
| and gives you ten or fifteen minutes in which to do a clean shutdown
| when the power does go off.
| 





More information about the questions mailing list