[ntp:questions] NTP 4.2.6p3 multicast server not visible in orphan peer to peer mode?

Wu, Bailey Bailey.Wu at thalesgroup.com.au
Wed Apr 6 23:55:49 UTC 2011


Thanks for all the comments :)

Steve, I like your second configuration. I applied it yesterday with the following modifications:

# /etc/ntp.conf for server 1
driftfile /var/ntp/ntp.drift
broadcastserver 224.0.1.1
server 127.127.1.0
fudge 127.127.1.0 stratum 4

# /etc/ntp.conf for server 2
driftfile /var/ntp/ntp.drift
broadcastserver 224.0.1.1
server 127.127.1.1
fudge 127.127.1.1 stratum 6
server server1 true maxpoll 6 prefer


It seems to do what I want. But fail over to server2 is very slow, takes about 
10min for server2 to sync with it's own clock and all clients to then sync to 
server2. I had to use 127.127.1.1 for server2 otherwise it will refuse to sync
with server1 because it fails the peer loop test.
I'm curious about the "tos orphan 12" line you have for server2, what's the
effect of this? would this make server2 realise server1 is down and 
then switch to its local clock faster?
Does this mean all clients that are connected need to 
have this orphan mode line as well?



-----Original Message-----
From: questions-bounces+bailey.wu=thalesgroup.com.au at lists.ntp.org [mailto:questions-bounces+bailey.wu=thalesgroup.com.au at lists.ntp.org] On Behalf Of Steve Kostecke
Sent: Thursday, 7 April 2011 1:07 AM
To: questions at lists.ntp.org
Subject: Re: [ntp:questions] NTP 4.2.6p3 multicast server not visible in orphan peer to peer mode?

On 2011-04-06, Wu, Bailey <Bailey.Wu at thalesgroup.com.au> wrote:

> My setting for clients and server are very similar to those below. but
> the HPUX clients seem to only see two servers at a time (instead of 4
> as would be expected). I'm also noticing that some solaris clients are
> not able to ntpdate to the servers.

Please hard-break your text at ~65 columns.

> Here's my ntp config files.

There's nothing about NTP auth in any of your config files. So I'm going
to have to assume that you're disabling it on the command line.

I'd set up the servers this way if it does not matter which one is the
master:

# /etc/ntp.conf for server 1 & 2
driftfile /var/ntp/ntp.drift
restrict default nomodify
restrict 127.0.0.1
tos orphan 10
manycastclient 224.0.1.1
manycastserver 224.0.1.1

I'd set up the servers this way to have server one as the master (with
failover to server 2)

# /etc/ntp.conf for server 1
driftfile /var/ntp/ntp.drift
restrict default nomodify
restrict 127.0.0.1
manycastserver 224.0.1.1
server 127.127.0.1
fudge 127.127.0.1 stratum 10

# /etc/ntp.conf for server 2
driftfile /var/ntp/ntp.drift
restrict default nomodify
restrict 127.0.0.1
tos orphan 12
manycastclient 224.0.1.1
manycastserver 224.0.1.1

> I originally had the following restrict options for the servers:
> restrict -4 default kod notrap nomodify noquery
> restrict <interface1> mask <mask1>
> restrict <interface2> mask <mask2>
> restrict 127.0.0.1
> restrict ::1

This is likely overkill for your disconnected network.

Please keep in mind that your configuration has NTP on the server(s)
following the system clock. You need a time source if you want stable
clocks.

-- 
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/

_______________________________________________
questions mailing list
questions at lists.ntp.org
http://lists.ntp.org/listinfo/questions



DISCLAIMER:---------------------------------------------------------------------------
This e-mail transmission and any documents, files and previous e-mail messages
attached to it are private and confidential. They may contain proprietary or copyright
material or information that is subject to legal professional privilege. They are for
the use of the intended recipient only.  Any unauthorised viewing, use, disclosure,
copying, alteration, storage or distribution of, or reliance on, this message is
strictly prohibited. No part may be reproduced, adapted or transmitted without the
written permission of the owner. If you have received this transmission in error, or
are not an authorised recipient, please immediately notify the sender by return email,
delete this message and all copies from your e-mail system, and destroy any printed
copies. Receipt by anyone other than the intended recipient should not be deemed a
waiver of any privilege or protection. Thales Australia does not warrant or represent
that this e-mail or any documents, files and previous e-mail messages attached are
error or virus free.
--------------------------------------------------------------------------------------




More information about the questions mailing list