well i'm not exactly grizzled, but i certainly did one day see the light of ntp, mainly from finding the ntpq command to actually see what was previously black magic. and black magic that didn't work at that. In line with any service you run, it should only do what you need and nothing more. Don't run all your boxes as ntp servers, keep a few central ones with query enabled and shut all the others down to clients only, and keep a logical strata in place. personally i would go and find 4 or 5 geographically local strata 1 sources - i would use a local subdomain of ntp.org, e.g. pool.europe.ntp.org, and pick them from the random dns assigned IPs you get back from querying 0.pool... to 10.pool... use those sources on up to 4 internal devices and then use those few to feed ntp back into the rest of your estate. those 4 should also use each other as sources, but naturally they will be 1 strata greater than the remote sources so would not usually be the primary sources for one another all the while they have access to remote sources.
buying a radio time server yourself is a bit pointless i think. there are plenty out there for free, and i'd rather have 5 remote ones than 1 non-resilient local one.
never ever have 2 sources listed in an ntp config. if they are different, which one is right???? 1 is easy - no choice. 3 is fine, 2/3 of them should agree, but 2... could get really nasty if half your machines prefer one whilst the rest prefer the other.
never run ntp inside a virtual machine. it's conceptually illogical, and you always need to take the clock from the host machine, and let that use ntp.
that the sort of thing? for some strange reason i really like ntp. if i were a drinker i'd buy it a pint.
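An added example, not part of the original post: a small linter for ntpd-style `ntp.conf` files that flags the two-source case and clients that still answer queries. The finding codes, host names and sample configs are constructed for illustration, and it assumes "clients only" is enforced with `noquery` or `ignore` on `restrict default`.

```python
SOURCE_DIRECTIVES = {"server", "peer"}   # one remote association per line

def audit_ntp_conf(text, role="client"):
    """Lint one ntpd-style ntp.conf; return a list of finding codes."""
    sources, dynamic, defaults = [], False, []
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if len(tok) < 2:
            continue
        if tok[0] in SOURCE_DIRECTIVES:
            if not tok[1].startswith("127.127."):   # skip local refclock drivers
                sources.append(tok[1])
        elif tok[0] == "pool":
            dynamic = True      # one pool line expands to several sources
        elif tok[0] == "restrict":
            args = [t for t in tok[1:] if t not in ("-4", "-6")]
            if args and args[0] == "default":
                defaults.append(set(args[1:]))
    findings = []
    # Two sources that disagree give no majority to pick from.
    if len(sources) == 2 and not dynamic:
        findings.append("two-sources")
    # With no restrict lines at all, ntpd applies no restrictions.
    if role == "client":
        closed = defaults and all(f & {"noquery", "ignore"} for f in defaults)
        if not closed:
            findings.append("client-answers-queries")
    return findings

# Constructed sample configs (host names are placeholders).
CLIENT_BAD = """
server ntp1.internal.example iburst
server ntp2.internal.example iburst   # only two: no tie-breaker
"""
CLIENT_GOOD = """
server ntp1.internal.example iburst
server ntp2.internal.example iburst
server ntp3.internal.example iburst
restrict -4 default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
"""

if __name__ == "__main__":
    for name, conf in (("bad", CLIENT_BAD), ("good", CLIENT_GOOD)):
        print(name, audit_ntp_conf(conf))
```

Pass `role="server"` for the few central machines that are meant to keep answering queries; only the two-source check applies to them.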