[EMAIL PROTECTED] wrote:
> Thanks Danny for your comprehensive explanation.
>
>> I'm not sure where you think you are getting redundancy since the
>> redundancy comes from picking a sufficient number of servers to
>> provide time service to the SCADA systems. You can skip the
>> routers. They don't need to be involved here.
>
> Just to be clear. The redundancy I mention is not really for the NTP.
> The multiple subnets and interfaces are there to ensure the
> functionality of the SCADA-system in case of any communication
> failure. The problem for me then, is that our supplier of the SCADA
> system also wants NTP to use the communication redundancy which
> results in multiple entries per peering neighbours or upstream servers
> in the ntp.conf file. That's why I ask about the risk of sync loops
> or other strange behavior.
>

Just to be clear, NTP takes advantage of redundancy only in the sense of
any application using UDP. The only effect on NTP is there will likely
be a different delay to get NTP packets back. That's the only real
effect that network topology has on NTP.

> I can't skip the routers because they are a part of the NTP solution.

Not really. If you choose to use the routers to provide a source of NTP
packets, that's fine but it's just a convenience and you are not taking
any advantage of communication redundancy.

> Because of all of the different subnets in this SCADA network (not
> just around these servers) it is not possible to have the Stratum-1
> servers reachable on each subnet. The security guys won't allow it.

Why not? Don't they have enough work to do? There's no security reason
for this.

> Therefore we are using the management subnet for the routers to
> distribute NTP time to all routers in the network and they can then
> provide NTP for all the subnets they handle respectively.
>

Then you may as well set up the routers as broadcast/multicast NTP
servers.

> Work is in progress to raise all our access routers to Stratum-2 and
> to solve NTP redundancy for clients in need of more than 1 NTP
> source.

You seem to misunderstand. Each system needs to have multiple servers -
3 or more. Anything less isn't useful. It's also useful to have those
servers get their own servers from multiple different sources. If it's
only getting from a single source it is not sufficient unless you don't
care about accuracy.

> It would be a lot easier if the NTP protocol was VRF-aware.
> Something to work on for version 4.3 ;-)
>

I have no idea what you mean by VRF.

Danny

> Best regards Uffe
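
The two points in this thread (several ntp.conf entries per upstream machine, one per redundant subnet, and the "3 or more" servers rule) can be checked together. The following is an added example, not part of the original messages: it counts how many distinct machines an ntp.conf really points at. The sample configuration, the addresses and the address-to-host inventory are constructed for illustration, and the function names are hypothetical.

```python
MIN_SOURCES = 3  # "3 or more", as stated in the reply above

# Constructed ntp.conf: two upstream machines, each listed once per subnet.
SAMPLE_CONF = """\
driftfile /var/lib/ntp/ntp.drift
server 10.1.0.10 iburst   # ntp-a via subnet 1
server 10.2.0.10 iburst   # ntp-a via subnet 2
server 10.1.0.11 iburst   # ntp-b via subnet 1
peer   10.2.0.11          # ntp-b via subnet 2
"""

# Hypothetical inventory: interface address -> machine that owns it.
SAMPLE_HOSTS = {
    "10.1.0.10": "ntp-a", "10.2.0.10": "ntp-a",
    "10.1.0.11": "ntp-b", "10.2.0.11": "ntp-b",
}


def parse_sources(conf_text):
    """Return the address from every server/peer line, ignoring comments."""
    addresses = []
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] in ("server", "peer"):
            addresses.append(fields[1])
    return addresses


def audit(conf_text, host_of):
    """Group configured addresses by owning machine and apply the 3+ rule."""
    by_host = {}
    for addr in parse_sources(conf_text):
        # An address missing from the inventory is treated as its own machine.
        by_host.setdefault(host_of.get(addr, addr), []).append(addr)
    return {
        "entries": sum(len(a) for a in by_host.values()),
        "independent": len(by_host),
        "multi_path": {h: a for h, a in by_host.items() if len(a) > 1},
        "enough": len(by_host) >= MIN_SOURCES,
    }


if __name__ == "__main__":
    # Four entries, but only two machines behind them.
    print(audit(SAMPLE_CONF, SAMPLE_HOSTS))
```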
