--- wbailey@satelliteintelligencegroup.com wrote:
From: Warren Bailey <wbailey@satelliteintelligencegroup.com>

Or you could just concede the fact that the navy is playing with time travel again.
----------------------------------------------------------

To finish this thread off for the archives...

Apparently something was up with the navy stuff as a post on the outages shows.

Lesson learned: Use more than one NTP source.

scott

On 21/11/12 12:34, Ryan Malayter wrote:
> On Nov 19, 2012, at 6:12 PM, "Scott Weeks" <surfer@mauigateway.com> wrote:
>> Lesson learned: Use more than one NTP source.
>
> The lesson is: use MORE THAN TWO diverse NTP sources.
>
> A man with two watches has no idea what time it actually is.

Per David Mills, from the discussion linked upthread, this should be FOUR OR MORE...

"Every critical server should have at least four sources, no two from the same organization and, as much as possible, reachable only via diverse, nonintersecting paths."

Four, so that the remaining three can reach consensus even if one fails.

-- Neil

Guys:

We were synchronized against multiple sources. Unfortunately the Navy NTP source contaminated multiple downstream sources.

Unless you can trace all your sources, if these sources all have a root source you will break.

Sid Rao | CTI Group | +1 (317) 262-4677

On Nov 21, 2012, at 8:01 AM, "Neil Harris" <neil@tonal.clara.co.uk> wrote:
> On 21/11/12 12:34, Ryan Malayter wrote:
>> On Nov 19, 2012, at 6:12 PM, "Scott Weeks" <surfer@mauigateway.com> wrote:
>>> Lesson learned: Use more than one NTP source.
>>
>> The lesson is: use MORE THAN TWO diverse NTP sources.
>>
>> A man with two watches has no idea what time it actually is.
>
> Per David Mills, from the discussion linked upthread, this should be FOUR OR MORE...
>
> "Every critical server should have at least four sources, no two from the same organization and, as much as possible, reachable only via diverse, nonintersecting paths."
>
> Four, so that the remaining three can reach consensus even if one fails.
>
> -- Neil

----- Original Message -----
> From: "Sid Rao" <srao@ctigroup.com>

> We were synchronized against multiple sources. Unfortunately the Navy NTP source contaminated multiple downstream sources.
>
> Unless you can trace all your sources, if these sources all have a root source you will break.

"... against multiple [Stratum 1] sources..."

Baby, if you've ever wondered... whether it matters whether your sources are strat 1 or not, now you know -- since there's no real way to get provenance on down-strat time sources that I'm aware of.

Does the NTP code, people who know, give any extra credence to strat-1 sources in its byzantine code?

Cheers,
-- jra
--
Jay R. Ashworth                  Baylink                       jra@baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274

On Wed, Nov 21, 2012 at 10:41:01AM -0500, Jay Ashworth wrote:
> "... against multiple [Stratum 1] sources..."
>
> Baby, if you've ever wondered... whether it matters whether your sources are strat 1 or not, now you know -- since there's no real way to get provenance on down-strat time sources that I'm aware of.
>
> Does the NTP code, people who know, give any extra credence to strat-1 sources in its byzantine code?

Not in a way that matters if one of them suddenly becomes a falseticker.

If a reference clock goes insane, it's pretty easily detected provided you have at least two more servers (or even peers configured.)

Stratum 1 just means it thinks it has a reference clock attached, but those clocks fail, go into holdover, what have you all the time. NTP will happily select a stratum 2 or lower clock instead provided it appears stable (low jitter, responded to our last 255 queries, and is an eligible candidate.)

To get an idea what your NTP server will do, try ntpq -p:

msa@paladin:/home/msa (582)$ ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
-nist1.symmetric .ACTS.           1 u  304 1024  377    5.140    3.271   0.581
+nist1-sj.ustimi .ACTS.           1 u  307 1024  377    7.843    5.227   0.729
+64.147.116.229  .ACTS.           1 u  414 1024  377    9.406    5.742   0.068
*usno.pa-x.dec.c .USNO.           1 u  540 1024  377    1.373    4.242   0.032
-pegasus.latt.ne 64.250.177.145   2 u  304 1024  377   61.383    5.920   6.578
-pyramid.latt.ne 216.171.124.36   2 u  361 1024  377    1.076    4.181   0.066

This is a stratum 2 server in the public pool. It's peering with two other stratum 2 servers that I run. Those two are deselected (-). The server marked with a * is selected, and those with a + are included in a weighted average used to maintain the system clock.

If the primary selected server does something wonky, it's going to select one of the candidates marked with a +. In this case it has enough stratum 1 servers that it's not likely to fall back to its peers, but it can do so if those servers suddenly give it a set of unexpected replies.

--msa
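
Added example, not part of any message in this thread: a Python check that parses the `ntpq -p` listing quoted above and tests it against the advice given earlier (at least four sources, three left to reach consensus) plus a shared-refid heuristic for the common-root problem. The function names and thresholds are assumptions made for this illustration.

```python
from collections import Counter

# `ntpq -p` output copied from the message above.
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
-nist1.symmetric .ACTS.           1 u  304 1024  377    5.140    3.271   0.581
+nist1-sj.ustimi .ACTS.           1 u  307 1024  377    7.843    5.227   0.729
+64.147.116.229  .ACTS.           1 u  414 1024  377    9.406    5.742   0.068
*usno.pa-x.dec.c .USNO.           1 u  540 1024  377    1.373    4.242   0.032
-pegasus.latt.ne 64.250.177.145   2 u  304 1024  377   61.383    5.920   6.578
-pyramid.latt.ne 216.171.124.36   2 u  361 1024  377    1.076    4.181   0.066
"""

TALLY_CHARS = "*+-#xo. "   # first column of each peer line
SURVIVORS = "*+"           # selected peer and candidates feeding the clock


def parse_peers(text):
    """Return one dict per peer line of `ntpq -p` output."""
    peers = []
    for line in text.splitlines():
        fields = line[1:].split()
        if not line or line[0] not in TALLY_CHARS or len(fields) != 10:
            continue                      # separator or blank line
        if not fields[2].isdigit():
            continue                      # column header
        peers.append({"tally": line[0], "remote": fields[0], "refid": fields[1],
                      "stratum": int(fields[2]), "reach": int(fields[6], 8)})
    return peers


def assess(peers, min_sources=4, min_survivors=3):
    """Check source count, survivor count and shared refids (assumed thresholds)."""
    reachable = [p for p in peers if p["reach"] != 0]   # reach is an octal bitmask
    survivors = [p for p in reachable if p["tally"] in SURVIVORS]
    counts = Counter(p["refid"] for p in reachable)
    shared = {refid: n for refid, n in counts.items() if n > 1}
    warnings = []
    if len(reachable) < min_sources:
        warnings.append(f"only {len(reachable)} reachable sources, want {min_sources}")
    if len(survivors) < min_survivors:
        warnings.append(f"only {len(survivors)} survivors, want {min_survivors}")
    # refid names only the immediate upstream, so this is a lower bound on overlap.
    for refid, n in sorted(shared.items()):
        warnings.append(f"{n} sources share refid {refid}")
    return {"reachable": len(reachable), "survivors": len(survivors),
            "shared_refids": shared, "warnings": warnings}


if __name__ == "__main__":
    for key, value in assess(parse_peers(SAMPLE)).items():
        print(key, value)
```

On the listing above it reports six reachable sources and three survivors, and flags that three of the stratum 1 sources carry the same `.ACTS.` refid.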

participants (6)
- Jay Ashworth
- Majdi S. Abbas
- Neil Harris
- Ryan Malayter
- Scott Weeks
- Sid Rao