[ntp:questions] multiple instances of NTP on different interfaces

Joe Gwinn joegwinn at comcast.net
Tue Mar 5 14:26:22 UTC 2013


In article
<CAD678-DQ-nMVJP5EPsb+0i699S_VrDsB2yzNkE4c=Btv=nykSw at mail.gmail.com>,
Abu Abdullah <falcon.sheep at gmail.com> wrote:

> >
> > option to disable adjusting the system clock?
> >>
> >
> > I believe there is, but that instance would become a pure server.  The
> > time that ntpd serves is always that in the local system clock.
> >
> 
> I would appreciate if you can provide it so at least i can get rid of these
> warnings.
> 
> 
> >
> > As someone already said, you need explain the overall goal, not the
> > particular step that you think might achieve it.
> 
> 
> We have a requirement for NTP service for two different networks: public
> (not important, can have outages), private (important). we are trying to
> have separate process for each network in case high load come from the
> public domain (or for any security issue). We will have more control on the
> public NTP where we can set the resources for it at the OS level. in
> addition, at any point of time we can migrate the private NTP to a
> dedicated machine (currently we have only one machine) once the hardware is
> not capable to handle both. In this case we will not have to change the NTP
> IPs in the clients configurations (private).

Be aware that if the hope is that the private network be immune to
hacking from the public network, or immune to leakage of information
from private to public, there cannot be a computer common to both
networks.  

There are hardware solutions to this dilemma, specifically GPS
receivers with built-in isolated NTP servers, each server with its own
dedicated  ethernet port.

Joe Gwinn



More information about the questions mailing list