[ntp:questions] Date Jumped

E-Mail Sent to this address will be added to the BlackLists Null at BlackList.Griffin-Technologies.invalid
Mon Jan 25 00:44:29 UTC 2010

Danny Mayer wrote:
 > Rob wrote:
 >> Maynard <maynard7fold at gmail.com> wrote:
 >>> On 1/7/10, the date on our domain controller jumped to
 >>>  12/7/10, and was there for about 11 minutes before it
 >>>  reverted back to the current date.  At the time this
 >>>  happened, our NTP server was pointed to pool.ntp.org.

likely with a conf of:
   server pool pool.ntp.org

  instead of:
   pool pool.ntp.org

  which would have used 4 servers instead of one

   server 0.pool.ntp.org
   server 1.pool.ntp.org
   server 2.pool.ntp.org
   server 3.pool.ntp.org

 >>> We also have a few Novell servers that were pointed to
 >>>  the same IP addresses as our Server 2003 Domain
 >>>  Controller, and the NTP server for our Novell network
 >>>  also jumped ahead.

 >> This can happen any time.  pool.ntp.org is a large
 >>  collection of servers that joined a voluntary pool
 >>  of servers.  Any single server in this pool can send
 >>  the wrong date and time if it likes to, or if there
 >>  is an error.
 > Someone with privileges changed the clock, realised his
 >  or her mistake and changed it back.

... and if you are using three or more NTP servers,
  if one gets changed to the wrong date / time, it will
  get ignored by NTP.
   See all that NTP byzantine generals stuff;
    NTP minsane & minclock options, ...
    NTP selection / intersection / mitigation algorithms, ...

E-Mail Sent to this address <BlackList at Griffin-Technologies.net>
  will be added to the BlackLists.

More information about the questions mailing list