Can you autogenerate a bootstrap config/script based on the contents of http://tf.nist.gov/tf-cgi/servers.cgi
On Tue, May 28, 2013 at 9:00 AM, Phil Pennock <[email protected]>wrote: > Folks, after a tree-induced power & ISP connectivity outage, my router > decided that the date/time was April 1st. Well, at least it got the > year right. > > To fix this, it tried to bring up time using 0-3 in > openwrt.pool.ntp.org. Reasonable enough. I also use Unbound, for > DNSSEC validation. > > Because time was so far off, I couldn't resolve the hostnames needed to > get the IP addresses to sync against. > > When I've run servers with NTP, I always hard-coded IPs, while complying > with stated policies for client usage of a given server, and tracked > changes; this was necessary for the hole-opening `restrict` rules > anyway, and useful for avoiding such glitches. In this case, it's a > home router and I'm using the pool project servers. > > I understand that the *.pool.ntp.org hostnames are more dynamic and it's > very much frowned upon to hardcode these names. > > How do folks here, providing this public service, feel about a tool > which can be run from cron, resolves the IPs periodically and puts them > live in a local unvalidated (".lan") zone and/or rewrites config files, > so that the hostnames are dynamic at a resolution of about a day, but > resolvable without needing accurate time? > > Otherwise, as DNSSEC becomes more prevalent, I think that this catch-22 > will bite harder: to set time, you need DNS to resolve the hostnames, > but DNS under .org requires accurate time to avoid failures of > resolution when finding the TLD NS servers, so we can't resolve the > timeserver hostnames. > > I'm willing to post code for review; it'll be Python, geared towards my > OpenWRT Backfire system. > > Thanks, > -Phil > _______________________________________________ > pool mailing list > [email protected] > http://lists.ntp.org/listinfo/pool > -- GDB has a 'break' feature; why doesn't it have 'fix' too?
_______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
