[ntp:questions] Date Jumped
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Jan 13 14:16:48 UTC 2010
> Richard B. Gilbert <rgilbert88 at comcast.net> wrote:
>> Rob wrote:
>>> Maynard <maynard7fold at gmail.com> wrote:
>>>> On 1/7/10, the date on our domain controller jumped to 12/7/10, and
>>>> was there for about 11 minutes before it reverted back to the current
>>>> date. At the time this happened, our NTP server was pointed to
>>>> pool.ntp.org. We also have a few Novell servers that were pointed to
>>>> the same IP addresses as our Server 2003 Domain Controller, and the
>>>> NTP server for our Novell network also jumped ahead. Are we the only
>>>> ones that had this issue on this day? Or are there others out there
>>>> that experienced the same problem on the 7th. Thanks
>>> This can happen any time. pool.ntp.org is a large collection of
>>> servers that joined a voluntary pool of servers. Any single server
>>> in this pool can send the wrong date and time if it likes to, or if
>>> there is an error.
>>> It is better to use at least 3 different servers from the pool. I.e.
>>> use servernames 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org for 3
>>> different servers.
>>> That way, of one fails or plays nasty games, your time will not be
>> Better still to use at least four servers, whether from the pool or not.
>> Using only three servers leaves you vulnerable; if one of them fails you
>> are left with two and no possibility of "voting one out" if one the
>> remaining servers fails, for it is written that a man with two clocks
>> can never be certain what time it is!
> I am not going to play the game "it is better to use 25 servers because
> if you use 24 and 23 of them fail it leaves you vulnerable".
A lot depends on how important it is to have the correct time. Some
applications have legal requirements for correct time stamps! Others
couldn't care less!
More information about the questions