[ntp:questions] Re: Architecture / best practice for small/medium company setups

Maarten Wiltink maarten at kittensandcats.net
Thu Jun 29 11:50:46 UTC 2006


"Joachim Schrod" <jschrod at acm.org> wrote in message
news:4ghq23F1nbttsU1 at individual.net...
[...]
> The situation:
>
>   -- Let's assume a company with 10 to max. 100 computer systems. ...
>   -- There is only one site. All computers are on the same LAN.
>   -- The company has only one Internet connection, with a typical SLA
>      of 97.5% availability over the year. ...
>   -- The company has no requirements for extremely accurate
>      time-synchronization. ...
[...]
> The first few questions are about selection of time servers:
> How many, and what is their peer structure?

Two. One on the Internet gateway ('primary'), and one backup ('backup').

Primary has the external servers, and its local clock configured at
stratum 10. Backup has the primary as its sole server, and its local
clock at stratum 12.

All other computers are leaf nodes and have primary and backup as
their servers.

Backup should be far enough away from primary that they're unlikely to
be out at the same time (meaning, for the same reason).

People are going to scream bloody murder that there aren't four
servers in this scenario. People are going to be ripping body parts
over there being _two_ servers. In brute fact, there aren't - there's
only one. Backup only serves to keep the herd together if primary
fails altogether. That's the only time anybody will listen to it.

Should there be four servers? Your choice. It may be overkill, and
the next step down is one server. If it goes insane, well, tough.
That's what you defend against with four servers. However, consider
that with four servers, they should really _all_ have _all_ different
external associations.


>   -- I assume that the company should use the NTP server pool, as it's
>      not a large company with 1000s of computers.

Ideally, your ISP should provide four independent NTP servers for you
to use. Mine _almost_ does - there are four NTP servers but they all
have the same upstream servers. This only serves to reduce the load
on those.

[...]
>   -- Client configuration: Specific servers, or multicast?

Good question. I almost missed it. Did you consider broadcast?

Well-behaved unicast clients never send more than one packet per second.
After stabilising, it becomes one in a thousand seconds. Not much of a
problem. The configuration file is the same for all clients either
way. Unicast and iburst might speed up initial convergence slightly.

Groetjes,
Maarten Wiltink
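
The layout described in the reply above, written out as `ntp.conf` fragments for the three roles. This is an added example, not part of the original post: the `example.internal` hostnames are placeholders, and the pool.ntp.org names are an assumption taken from the question's mention of the NTP server pool.

```conf
# --- primary (on the Internet gateway): ntp.conf ---
# External servers (assumed here to be the public pool).
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst
# Local clock as a fallback, configured at stratum 10.
server 127.127.1.0
fudge  127.127.1.0 stratum 10

# --- backup: ntp.conf ---
# Primary is the sole server (placeholder hostname).
server ntp-primary.example.internal iburst
# Local clock at stratum 12: only selected when primary is unreachable.
server 127.127.1.0
fudge  127.127.1.0 stratum 12

# --- every other machine (leaf node): ntp.conf ---
# Same file on all clients: primary and backup, nothing else.
server ntp-primary.example.internal iburst
server ntp-backup.example.internal iburst
```

On a client, `ntpq -p` lists both associations and marks the one currently selected.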




