[ntp:questions] Servers with identical ntp.conf keep falling out of sync

Steve Kostecke kostecke at ntp.isc.org
Tue Jan 16 13:29:21 UTC 2007


On 2007-01-16, Gushi <google at gushi.org> wrote:

> restrict default ignore
> restrict 127.0.0.1
> server 0.us.pool.ntp.org
> server 1.us.pool.ntp.org
> server 2.us.pool.ntp.org

This won't work at all. You've told ntpd to ignore all NTP packets from
any possible source. And you've not told it to accept NTP packets from
your time servers.

Please read http://ntp.isc.org/Support/AccessRestrictions and follow the
"decision tree" for setting your default restriction.

The NTP Pool is intended to provide "good enough" time for general
use (i.e. end users). If this is an "important" application you're
probably better off choosing the time servers you wish to use. There
is a list of Public Stratum 2 time servers at http://www.ntp.org/s2 or
http://ntp.isc.org/s2.

> The problem is, that the servers keep drifting apart from each other,
> to the degree that DNS TSIG transactions break down.  Is there anything
> obvious to try to fix this?

Fix your restrictions. If there's still a problem you'll need to post
the output 'ntpq -p your_server' (after that server has been running for
~10 minutes).

> Usually when this happens, killing ntpd and then running ntpdate will
> fix it.

In your case, ntpd is never actually talking to any of your remote time
servers and never disciplines your clocks. Running ntpdate brings your
clocks close enough for things to work for a while. Then ntpd spins its
wheels while the clocks drift again.

You may want to make a few improvements once you have your ntpd talking
to the remote time servers:

1. Speed up initial synchronization (from ~8 minutes to ~20 seconds) by
appending 'iburst' to your server lines

2. Increase the number of time sources to 4 or 5 (or even a few more)
to provide sufficient redundancy in the event that some of your time
sources become unavailable, unsynchronized, or just plain wrong.

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list