[ntp:questions] General ntp architecture question

Rob nomail at example.com
Mon Aug 2 08:48:10 UTC 2010


konsu <konrad.azzopardi at gmail.com> wrote:
> Hello list,
>
> I work for an investment bank with 300 UNIX servers, around 3000
> workstation PCs and would like to ask some questions to more
> experience users.
>
> a) Are there any banks relying on ntp pool project or should we
> consider having our own GPS clock ?
> b) What are the criteria to consider in deciding when ntp pool project
> is enough for our needs ?
> c) Should we decide to use ntp, for an organization of our size would
> 2 servers syncing to ntp pool project in DMZ and 2 servers inside to
> which all UNIX servers + Domain Controller will sync (PCs would sync
> to the Domain controller) suffice ?

I would not recommend to use the pool, but either try to find the money
required for a local clock receiver (which I can understand could be
very difficult in a bank), or else configure a couple of fixed servers
that have announced that they are available for public use.

Using the pool is more for user workstations that reboot frequently and
want to get a server automatically assigned.
For servers with a long uptime and for users that want some sort of
guaranteed correct time it is not so suitable, especially with the
ntpd software as it currently exists.
(e.g. when a pool server decides to stop providing the service while
your system is running and not restarted, this problem will not be
recovered)

Finally, what you should do is assign one or a few NTP servers inside
your company, synchronize all the other systems from there, and synchronize
the few servers to the external world.
I.e. not let every server sync to the external world itself.

This does not only cut the traffic and the load on external servers, it
also makes your own servers all agree on the same time.  This is often
more important than that this agreed time is exactly correct.




More information about the questions mailing list