[ntp:questions] Best practices

Charles Swiger cswiger at mac.com
Wed Sep 3 17:56:38 UTC 2014

Hi, Mike--

On May 21, 2014, at 1:38 PM, Mike Edwards <mcedwar at gmail.com> wrote:
> I'm looking for information on best practices to configure ntp for a medium
> sized network.  I'm looking for something similar to the whitepapers
> published by Cisco.  Cisco outlines several configurations with a mixture
> of peer and server definitions for a set of internal ntp servers.

Something like:


...perhaps.  There are older docs about "Notes on Configuring NTP and Setting up a NTP Subnet":


> Equally useful might be a document that compares the functionality of the
> ntp.org implementation, versus the Cisco ios implementation.  Does Cisco
> use the ntp.org code?

Generally speaking, routers prioritize moving packets around over servicing
traffic sent to the router itself.  They tend to make adequate timeservers
for low NTP query rates but exhibit higher latency than dedicated timeservers.

> I'd like to see a configuration that would be resilient to public server
> failures, and connectivity problems to the public network, as well as
> failures between sites on the internal network.
> Do any such documents exist?

The docs above have some general discussion including multiple internal datacenters.

Having a mix of decent external stratum-1 or -2 servers, local timeservers running
from GPS, ACTS, or other primary timesource, and redundant local S2/S3s that clients
can talk to are all part of obtaining highly resilient time service.

Note that you can provide world-wide NTP service comparable with large OS vendors
(ie, time.apple.com, time.windows.com) with a dozen machines broken up into peer subnets
of 4 boxes in the three major regions.  Hardware isn't really the constraint--
it's dealing with bazillions of tiny packets and being able to throttle abusive traffic
upstream of your connectivity that matters.
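
One way the mix described in this message could be written in ntp.conf for one box of a four-box peer group (an added example, not from the original post or its author; every hostname, address, file path and key ID is a placeholder):

```conf
# /etc/ntp.conf on ntp1 (10.0.0.1), one of four internal peers.
# All names, addresses, paths and key IDs below are placeholders.
driftfile /var/lib/ntp/ntp.drift

# Symmetric keys so that peer associations are authenticated.
keys /etc/ntp/keys
trustedkey 1

# External stratum-1 or -2 sources. Four or more lets the selection
# algorithm outvote one bad source and still ride out one outage.
server ext1.example.net iburst
server ext2.example.net iburst
server ext3.example.net iburst
server ext4.example.net iburst

# Local primary source, only on a box with a receiver attached
# (127.127.20.0 is the NMEA GPS reference clock driver, unit 0).
#server 127.127.20.0

# The other three boxes in this peer group.
peer 10.0.0.2 key 1
peer 10.0.0.3 key 1
peer 10.0.0.4 key 1

# If every upstream source becomes unreachable, the group keeps
# serving a common time at stratum 6 instead of going unsynchronized.
tos orphan 6

# Everyone else: serve time only, refuse queries and reconfiguration,
# rate-limit, and answer violators with a kiss-o'-death packet.
# This is host-level throttling; it does not replace filtering
# abusive traffic upstream of the link.
restrict default kod limited nomodify notrap nopeer noquery
restrict -6 default kod limited nomodify notrap nopeer noquery
# Documented defaults, written out: average headway 2^3 s, guard time 2 s.
discard average 3 minimum 2

# Peers are exempt from rate limiting; localhost keeps full control.
restrict 10.0.0.2 nomodify notrap noquery
restrict 10.0.0.3 nomodify notrap noquery
restrict 10.0.0.4 nomodify notrap noquery
restrict 127.0.0.1
restrict ::1
```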

