> De: Charles Swiger [mailto:cswi...@mac.com] > Enviada: sexta-feira, 20 de Fevereiro de 2015 20:52 > >>In our infrastructure we had some ntp clients that don't have access to the >>world and so they are configured to use only 2 servers (by the way, the other >>have 2 more options). In reality both servers are the same, but with different >>IPs. >I think ntpd would see the same reference id for that timesource regardless >of which IP you reach it by, and loop detection would figure it out. In all the clients, both timesources are available, not discarded and are being used. And in some cases they also intercalate between them. Ntpd might not detect it properly, or simply not consider it a loop?
>>On Feb 20, 2015, at 12:17 PM, Nuno Pereira <nuno.pere...@g9telecom.pt> wrote: >>Given that, I have changed the configuration, and now they only use 1 server, >>but that is not a good solution. >> >>Using 1 server is better than using 2. >>Using at least 4 servers is better than using 1. >> >> >>Any alternative for the configuration? More servers, most likely virtual servers? > >VMs make anywhere from terrible to adequate timeservers. >Bare metal or at the hypervisor level is preferable. > >Setup a local NTP subnet of at least 4 peers, and have your clients talk to each of those. >Your chosen ntp servers should each be configured with at least one unique timesource >which is not used by anything else to promote diversity. Well, that is our problem: we don't have enough hardware that we consider a good source, either for security issues, or too many load on it. The hypervisors are becoming more an option, but they have 2 problems: they need to be reconfigured if reinstalled, and also for security issues. Nuno Pereira G9Telecom _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions