[ntp:questions] multiple instances of NTP on different interfaces

unruh unruh at invalid.ca
Wed Mar 6 17:15:40 UTC 2013

On 2013-03-06, Rob <nomail at example.com> wrote:
> unruh <unruh at invalid.ca> wrote:
>> On 2013-03-05, Rob <nomail at example.com> wrote:
>>> unruh <unruh at invalid.ca> wrote:
>>>> On 2013-03-05, Rob <nomail at example.com> wrote:
>>>>> David Woolley <david at ex.djwhome.demon.invalid> wrote:
>>>>>> Abu Abdullah wrote:
>>>>>>> Does this mean ntpd is not supposed to be run in parallel? Is there any
>>>>>> It is not seen as something anyone would want to do.
>>>>> I could understand why someone would want to run one instance that
>>>>> controls the clock, and another instance that only serves time to
>>>>> clients on the (inter)net and cannot control the clock.
>>>> You could? I cannot. ntpd both controls the clock and serves time. Why
>>>> would you want to split those?
>>> Because the users of the clock service may be able to disturb that
>>> service, e.g. by overloading it, by making it crash sending it invalid
>>> requests, etc.  Some people may consider the service to keep their own
>>> clock correct to be more important than the service to tell time to
>>> others.
>>> Seeing the reply that the OP posted in the meantime, I was not too far
>>> off.  He wants a separation between the internal use of NTP to sync
>>> the local and other important systems, from the service to give time
>>> to others.
>>> I think it is a reasonable wish.  Certainly not something that nobody
>>> would want to do.
>> Well, I would just put the outside service onto some inconsequential
>> machine at a higher stratum and have it read time from an inside server. 
>> If you are worried about someone crashing it, you do not want it to be
>> on the same machine, since that crash is liable not to crash ntpd but
>> the whole machine anyway. 
>> Ie do not run them on the same machine if that is your worry.
> He has only one machine.
> Running separate processes on a single machine, where you can set different
> resource limits for the processes, is better than doing everything in
> a single process.
> Maybe best for him is to use virtualization and run all the public services
> in the virtual machine.  Hacking a virtual machine is another step beyond
> disturbing an ntp process.

He needs to figure out what his priorities are. I suspect it is
providing time to the internal machines. That is what he should
concentrate on. That is his business. Providing time to the rest of the
world (eg via the pool I assume) is a secondary job, and in fact is
probably not part of the job at all. He does NOT have just one machine.
He is providing time to other machines which means he has more than one. 

He should NOT be running a public server on a machine which is critical
to his business. That should be run on machines that do not matter, for
all the reasons that have been stated. If he does not have a spare
machine, he should not be providing time to the public. If thre MUST be
a public machine because some of his company's machines cannot use the
internal time server, he should set up a firewall to only accept those
IP addresses. 

He has gotten himself totally confused about what his real job and
desires are, it seems to me. 

More information about the questions mailing list