[ntp:questions] Symmetric / peer questions

Aymeric mulx at aplu.fr
Mon Nov 9 21:41:03 UTC 2015


Hi,

I'm trying to understand how peer mode works and the benefit of using it.
I didn't find all of my answer while reading the doc and manpage from
ntp.org, so here I am :)

Let say I have the following configuration on two ntp nodes:

----node 1----

server 0.stratum-1
server 1.stratum-1

peer node2 autokey
keysdir /etc/ntp/

restrict default kod nomodify notrap nopeer noquery
restrict node2 notrust

crypto pw changeme
crypto randfile /dev/urandom

----node 1----

----node 2----

server 2.stratum-1
server 3.stratum-1

peer node1 autokey
keysdir /etc/ntp/

restrict default kod nomodify notrap nopeer noquery
restrict node1 notrust

crypto pw changeme
crypto randfile /dev/urandom

----node 2----


My ntp clients will use node1 and node2 as time server. I used a trusted
groupkey (`ntp-keygen -T -G`) for the authentication scheme and from
`ntpq -c 'rv 0 cert'` I got the both node working with autokey.

* What the peer keyword does?
  From my tests, having "peer" keyword on one node made the both node
synchronize together.
  While reading the “Association Management” web page this should made
the node to exchange their own server lists. Am I right?
  - That's mean it's possible for node-2 to synchronize with stratum-1
servers from node-1 (and the other way around)?
  - Does it do (or allow) something more?
* If "peer" just made both node synchronize together, wouldn't do the
same to have a "server the-other-node" on both node?
* Do I need to have a line "peer the-other-node" on both node?
    - This made both node having a symmetric-active connection?
    - What are the differences between symmetric-active and passive?
* Does it have effect on the client (like node1 saying "hey client, my
backup is node2, try it if I die")?

Thanks in advance!

Aymeric.


More information about the questions mailing list