[ntp:questions] zeroconf for ntpd?
ibuprofin at painkiller.example.tld
Fri May 25 00:53:52 UTC 2007
On Wed, 23 May 2007, in the Usenet newsgroup comp.protocols.time.ntp, in
article <87odkbdjzt.fsf at ancho.wsrcc.com>, Wolfgang S. Rupprecht wrote:
>ibuprofin at painkiller.example.tld (Moe Trin) writes:
>> Why are you allowing your users to screw with system configuration
>Not anytime I call the shots. I'm a strong advocate of using rdist to
>make sure every file I care about is identical to the golden system.
>(Usually that is everything but a half dozen /etc files that are
>symlinked to host-specific files).
Our users can't screw with the files, and those who have root or sudo
capabilities _tend_ to know what they're doing. Accidents happen, but
not very often.
>I assign IP addresses via DHCP based on the MACs. All the internally
>accessible services are listed on DHCP so that trusted guest systems
>can find the printers and time servers. Almost-zero-conf(tm) via DHCP
>works for me (and I assume any organization that has admins).
Our systems are not permitted to go 'walkies' without tons of paperwork
and are only configured by computer support staff. The tech who installs
the software has a sheet of paper listing "the right names and numbers"
for this particular box. While a new printer may get installed, a
nightly 'rsync' file takes care of updating the printcap. I don't
remember the last time a router, NIS or DNS server actually changed IP
address - at least 20 years ago. As for "guest" or "temporary"
systems, they go through the standard install process. Visitors (heck,
even regular employees) are simply not allowed to bring in
non-company hardware. The rare visiting company box also has to be
vetted before connecting. Who, us paranoid?
>The case I see to zero-conf systems is for home users that don't have
>any pre-configured DHCP server to point them at all the nice services
>they might want to use. Setting up a new BSD or linux system in such
>a situation is going to be quite a learning experience. It would be
>best to just have the install or runtime system configure things as
>best it can.
I'd agree that services like NTP, news, mail, and central authentication
and file services aren't well supported, but the modern installation
programs in the "popular" distribution make a good effort.
>The problem I see is that the current setup is quite wasteful. If a
>home user has 3 running systems, it beats up on 3x4 pools servers.
>That is 3x more load than strictly needed, especially since pools
>servers are already being hit up for 15 ntp queries per second. It
>would be good to figure out a way to lower that load and be able to
>serve the rest of the 99% of the systems that currently aren't using
I may be missing something, but 15 queries a second - that's pretty
much a "nothing" load. A hundred times that should still be well
within the capabilities of a "T1" connection, never mind that of
a Pentium grade based system.
More information about the questions