[ntp:questions] How should an NTP server fail?

David Woolley david at ex.djwhome.demon.invalid
Sat Jun 5 09:13:18 UTC 2010


goofyzig wrote:
> Hi there.  A quick question about what to expect when it comes to NTP
> failures.  I configured a Meinberg NTP server (software-based server),

Meinberg don't do a software NTP Server, although they do do a Windows 
installer for the, University of Delaware, reference implementation of ntpd.

> had it working, serving time to the back-end hosts,  Reachability at
> 377 for its two NTP upstream time sources (internet NTP servers).
> Once configured, I wanted to see how the server failed.
> 
> My expectation was that once Reachability went to zero, the server
> would stop serving time since it no longer has a source itself.  So I
> blocked port 123 UDP/TCP at the firewall, and sure enough,
> Reachability for the two upstream sources slowly wound down from 377
> to zero.  However, once Reachability got to zero, the Meinberg NTP

I think there have been bugs of that nature.  Which version of the ntpd 
code are you using?

> server CONTINUED to serve time, and CONTINUED to say that each of the
> two upstream servers were believable, as if it was still getting time
> from them (but it was not).  I confirmed the drops at the firewall.

Could you please include the ntpq peers, assoc and rv output.  You will 
  need to use the association id's in the rv sub-command to get details 
for the indvidual upstream servers.

Note that, if you have a local clock defined, which you should only do 
after due consideration, the server will never stop serving the time 
with a valid stratum.

> The Reachability was at zero, so I know the Meinberg software was not
> getting NTP time from anywhere.  Yet, it kept serving NTP time to its
> back-end hosts, and kept saying that ach of the two upstream servers
> were good (one colored green, the other yellow, with the * and the +
> signs next to them).   After 5 hours of zero Reachability, nothing
> changed.

That sounds like the ntpq peers output, although the standard ntpq 
doesn't colour code.
> 
> So my question is:  how long does it take before the Meinberg server
> declares itself in a "failed" state and stop serving NTP?  Is that how
> it's supposed to work?  I looked all over the Meinberg site and could

As I said it is not Meiberg's ntpd implementation.  You want to use 
http://www.ntp.org/

> not find any forum or literature regarding how the NTP server is
> expected to fail.  Maybe Im missing a setting?  Thanks for any
> help!!! :)

The correct behaviour is described in the draft NTP v4 RFC 
<http://tools.ietf.org/html/draft-ietf-ntp-ntpv4-proto-13>.

The output stratum should go to 16 before the reachability hits zero, 
and I'd also expect the sys.peer and selected flags to drop as well. 
However this is a fiddly area, and I'd have to double check the code and 
draft RFC.




More information about the questions mailing list