[ntp:questions] Number of Stratum 1 & Stratum 2 Peers

Brian Inglis Brian.Inglis at SystematicSw.ab.ca
Fri Dec 5 04:00:06 UTC 2014


On 2014-12-04 08:58, William Unruh wrote:
> On 2014-12-04, David Lord <snews at lordynet.org> wrote:

>> The ntp html docs on selection state that four are needed to
>> guarantee a majority and give an example of this case.
>
> Under what circumstances? Nothing can guarentee a majority. 100001
> cannot guarentee a majority. Except 1 I guess. As long as it is working
> it is the majority. Of course if it stops working all together, then not
> either. 3 guarentees a majority if only one stops or stops sending out
> correct time. etc.

There must be a strict majority clique #truechimers > #falsetickers.
I had a bunch of backup servers configured when the DRDoS attacks started,
and a lot of academic servers disappeared from the net for a few weeks.
I had to deconfigure them and restart, as even with a preferred ref clock,
ntpd will not discipline the time without Byzantine agreement.

For a corporate environment, recommend 2n+1 servers, where n is the number
of local servers you will allow to be down at one time, plus network sources
which should be fewer than the number of local servers, and preemptable, so
they will be dropped if they become unreachable.

For example, you could run three peered local servers and two good diverse network
sources each, allowing only one local server to be down at any time for updates
or patches. Each of the peers needs to have a different pair of network sources,
to avoid any common mode failures, or rejection from sync loops.
More local servers would allow more good diverse network sources, and more
simultaneous local and remote outages.

The diverse network sources are necessary so congestion or maintenance on a single
downstream router or backbone connection does not make all your sources unreachable
at once. This will happen occasionally during maintenance outage windows if you use
a single ISP or a single outward path from your network.
-- 
Take care. Thanks, Brian Inglis


More information about the questions mailing list