On Thu, 2 Oct 2003 Michael.Dillon@radianz.com wrote:
Beware the single point of failure. If all your clocks come from GPS, then GPS is the SPOF. If they all come fram brand X manufacturer then that is the SPOF. A commercial service should be robust and use a combination of atomic clocks, GPS, radio time services, CDMA/GSM clocks combined with a sanity checker to watch all the clocks and detect bad timekeepers.
Yes, this is definetly an issue, and thus the clocks are at least one cesium, and the other two are different vendors.
Indeed. Hide this clock behind a packet filtering firewall or else use udprelay and an application layer gateway on UNIX to block everythingexcept NTP. In fact, if this is a commercial service you should hack udprelay so that it knows about the NTP protocol and can block non-customer traffic or malformed traffic or high volumes of traffic. That way, the UNIX
So what you are suggesting basically is to add an application layer sanity checker and DoS preventer, am I right ? --Ariel -- Ariel Biener e-mail: ariel@post.tau.ac.il PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html