> I'm trying to set up and use the network time protocol for my machines
> due to logs not being accurate in time. there are no man pages and
the
> online html docs don't give good examples in what I've read so far. I
> know that you don't want all your local subnet boxes connecting to a
> stratum 1 server due to the overload these servers would receive. so
> I'm trying to follow the instructions but am getting lost on how to
> configure a local ntp server that only polls the stratum 1 or stratum
2
> server itself and then rebroadcasts to the local net/subnet. I can
get
> the server to poll and adjust time by listing the stratum 1 server in
> the ntp.conf file, but the ntp.conf file is missing something on the
> server side to allow clients to connect. and I'm not even sure how to
> configure the local net/subnet clients ntp.conf. again, no good
> examples that I could see in the docs of different .conf setups.
> anybody know how to set this up?? if there were grandfather clocks
> attached to all these machines they'd be going off all day long at
> different times!! :^) thanks in advance!!
>
>
> Mike Branda
You should not be querying a Stratum 1 in _any_ event. It's sort of
like calling Carly Fiorina on the phone to get your $150 flatbed
scanner fixed. (I wonder who SHE calls when her two $100K
sound systems on her 2 corporate jets die, but that's another
matter. I'll bet is NOT to India...)
There are some good docs about ntp at the eecis.udel.edu site
(Google the exact link) along with lists of _public_ servers that
can be used by anyone, and those that can be used by anyone but
request prior notification. Or just use the RedHat servers. While
you can try to select one with minimal path delay, it's not that big
a deal for our logging purposes and choosing for reliability of
uptime is probably a better choice, though those stats are
empirically derived. Also choose by dns name, as the IPs will
often vary from time to time.
Finally the new release of IPCop will permit doing just what you want.
It will poll a public server you specify, and also act as a server to
all
the devices on your private subnet. You'll also have an (IMHO)
excellent firewall with IDS, logging, traffic graphing, using iptables.
My IPCop 1.3.0 has now been up > 270 days. www.ipcop.org
(the new 1.4.0 is still in beta AFAIK). I posted a largish review
on this list a couple of weeks ago.
Bob Foxworth
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:06:06 EDT