Note that NIST operates a pool of 24 time servers for public use. These are spread across four different locations in two different states. My understanding is that they all get their time directly from the official NIST clocks without GPS or NTP being involved. You can also request a symmetrical key, exchanged via paper mail, for four of them if you would like to run ntp encryption. See https://tf.nist.gov/tf-cgi/servers.cgi You could also add official servers operated by the time labs of other countries. A list of many of them are at the end of the pdf at https://webtai.bipm.org/ftp/pub/tai/annual-reports/bipm-annual-report/TIMESE... . On Wed, Aug 9, 2023, 10:30 AM Seth Mattinen via NANOG <nanog@nanog.org> wrote:
On 8/9/23 2:39 AM, Forrest Christian (List Account) wrote:
When GPS is working, time transmission with accuracies of under 1 microsecond is common. This is especially true if the GPS integrates some sort of disciplined oscillator. Note that this is in excess of what NTPd running on a typical OS can reliably retransmit.
BUT.. if I was to choose only one protocol, it would be NTP, not GPS, because of all of the reasons you mention.
I find it distressing that sites are relying on GPS only. I suspect that this a failure to assign proper risk to using GPS. It's particularly odd when one considers that adding NTP time sources are essentially free and improve robustness and reliability greatly.
I liked having a WWVB receiver in my mix, but all the hardware appliances (at least those offering OCXO or Rubidium oscillator options) seem to have rejected it in favor of GPS only. I can only conclude that either vendors think options like WWVB are a dead end or there's no demand for GPS alternatives.
Products like the BlueSky GNSS Firewall exist, but not something I've thought was as necessary expenditure for my needs (yet). Mouser lists it at just under $10k.
Personally I'm just not that comfortable using random unknown platform and unknown installation conditions time server pools over the big-I internet. I would possibly consider NTP servers operated by entities I have peering with.
~Seth