olli at lurza.secnetix.de
Wed May 9 16:40:39 UTC 2007
Jeffrey Goldberg wrote:
> Oliver Fromme wrote:
> > Martin Dieringer wrote:
> > > Oliver Fromme wrote:
> > > > Are you sure that your /etc/ntp.conf ist correct?
> > >
> > > # cat /etc/ntp.conf
> > >
> > > server time.fu-berlin.de iburst maxpoll 9
> > > driftfile /var/db/ntp.drift
> > > logfile /var/log/ntpd
> > You must add "restrict" lines for every server and for
> > localhost, like these:
> > restrict time.fu-berlin.de nomodify
> > restrict 127.0.0.1
Sorry, I forgot one line: restrict default ignore
The "default" line is for security reasons, so nobody else
can modify your ntpd. The "nomodify" line enables time
synchronization with the server, but prevents it from
being able to modify your ntpd settings. Finally, the
line for localhost enables you to use tools like ntpdc
and ntpq locally. It's all explained in the ntp.conf(5)
> > Other than that, the config looks good. There's no need
> > to add further time servers.
> The time adjustment algorithms of NTP make use of multiple time
> sources. NTP works best with having at least three reachable
> servers. Of course ntp is designed to keep good time even when you
> are disconnected from the net, but it builds up its data from
> multiple sources and using triangulation to correct for errors.
NTP works perfectly well with a single source. Having
multiple sources is not necessary on an end client (but
it doesn't hurt either, of course). Of course, on a
server that provides NTP service itself to a subnet or
similar, having multiple upstream servers is desirable.
In fact, ntpd refuses to synchronize against a server
that does not have at least two upstream servers (non-
Martin's Problem with ntpd is not a precision problem.
His problem is that his ntpd does not synchronize at all.
Adding more servers certainly won't solve that problem.
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd
"In My Egoistical Opinion, most people's C programs should be indented
six feet downward and covered with dirt."
-- Blair P. Houghton
More information about the freebsd-stable