[ntp:questions] Regarding Primary/Secondary NTP setup

Ryan Malayter malayter at gmail.com
Wed Feb 18 15:51:10 UTC 2009

On Tue, Feb 17, 2009 at 2:51 AM, Göran Törnqvist
<Goran.Tornqvist at cypoint.se> wrote:
> Hi,
> I have 2 sites with similar setup, each with its own NTP server.
> Both sites are connected so each site´ clients will use the other site´s NTP server as secondary.
> The NTP primary/secondary will use 2 other stratum 1 servers to sync with.
> A requirement is that traffic to secondary server is only sent when primary is unreachable.
> My question is if simply configuring the client´s primary using "server X.X.X.X prefer" in ntp.conf will accomplish this?
> If I understand it right ntp needs to query all servers in the server list to compute which one is the most reliable?
> I guess this could be OK if this querying is done very rarely.
> Also, since there shouldn´t be any traffic between the sites, the primary and secondary will not sync with each other, is this a bad idea?

"A man with two watches never knows what time it really is" or
something like that.

Two servers is considered the worst possible NTP configuration. You're
better off with one server; three or four is really best.
See: http://twiki.ntp.org/bin/view/Support/DesigningYourNTPNetwork

NTP's bandwidth requirements are very low, and you can even reduce it
further by adding a "minpoll X" directive at the expense of accuracy.

How many NTP clients are there on each side? Even if there were 1000
clients at each site, your average traffic with all clients talking to
two servers at each site would result in about 5.6 kbps average in
both directions on the WAN link using default settings. This is about
0.3% of a T1 connection's bandwidth.

Now, if the WAN link is very expensive (satellite?) or only
intermittently connected, that will add to the complexity. If you are
truly required to have absolutely zero traffic between the sites, you
really are going to have to do some network-layer routing magic to
prevent traffic from passing until you are in fail over mode. Such a
configuration might require a load-balancer NAT device, or other
network-layer clustering solution.

More information about the questions mailing list