[ntp:questions] "ntpd -q" is slow compared to ntpdate
Richard B. Gilbert
rgilbert88 at comcast.net
Mon Oct 20 16:31:26 UTC 2008
Svein Skogen wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Mohit Aron wrote:
>>> Mohit> I don't think '-g' option to ntpd is a practical solution - since
> I've kept out of this topic on purpose, simply because I did not want to
> add anything that people would take as a personal attack (and I failed
> to see how I could vent my feelings without looking like I was starting
> a flame war)
> The way I see this, we're separated into two general camps here. In one
> of the camps we find the purists who more or less on principle wants
> ntpdate gone, because they want everybody to run ntpd. I can understand
> them, even if I do not agree with them.
> The other camp consists mostly of people in the operations environment.
> A lot of them doing remote management of servers. In this camp, any
> additional time in the boot sequence is both wasted time, and a
> nightmare because you always have that nagging "what will go wrong THIS
> time" when you remote reboot anything. I've been there, and I know the
> For the operations people, ntpdate is a supplement to ntpd, not a
> replacement. They run ntpdate to get log timestamps +-1millennium
> correct, then get on with their boot and throw ntpd into the background
> to keep timestamps somewhat trusty.
> Thus, they want ntpdate, or a script just as fast. 'ntpd -q -g' is NOT
> the solution to their problem. Period. A script converting ntpdate
> parameters into 'sntp -r' MAY be the solution.
> However the real problem here is the fundamentalists that seem to want
> ntpdate gone totally. This is a problem I'm afraid noone here can help
> them with. If they have religious reasons for wanting something done or
> gone, I suggest talking to a cleric about them. Sorry if I've insulted
> anybody with this.
There may be some aspects of "religious wars" but I think it's a good
deal simpler than it may appear!
Ntpdate is OLD code. There is no one able and willing to maintain it.
It has vulnerabilities not shared by ntpd or sntp. There are enough
copies of the source floating around that it will never disappear
"Deprecated" simply means "we no longer support it and you continue to
use it AT YOUR OWN RISK!"
If someone stepped up to maintain the code. . . .
More information about the questions