[ntp:questions] Internal time server

Steve Kostecke kostecke at ntp.isc.org
Wed Mar 14 19:01:25 UTC 2007

On 2007-03-14, RICCARDO <castellani.riccardo at tiscali.it> wrote:

>"Steve Kostecke" wrote:
>>You can't use "restrict default ignore" and pool servers (or any other
>>hostnames that resolve to multiple IP addresses
> What do you suggest me, to use server hostnames which resolve unique
> IP address ?

That all depends on your application and requirements.

If your ntpd is behind NAT or a stateful firewall you don't really need
"restrict default ignore" and can safely use pool servers.

If your ntpd has a public, routable, IP address AND is not behind a
stateful firewall AND you feel that you MUST use "restrict default"
ignore, then you should choose servers from the Public Stratum-2 Time
Servers list at http://www.ntp.org/s2 or http://ntp.isc.org/s2

Under no circumstances should you ever hard code a pool server
host-name/ip-address in your ntp.conf unless that server is listed on
one of the Public Time Servers lists.

Please read http://ntp.isc.org/Support/AccessRestrictions and follow the
check-list for choosing your default restriction.

>How many servers should you insert into ntp.conf ? min. 4

A minimum of 4 will provide ntpd with enough redundancy to determine the
correct time if one of those 4 servers goes bad.

Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/

More information about the questions mailing list