On Tue, 11 Mar 2003 20:32:02 -0500, "Jennifer Fountain" <[EMAIL PROTECTED]> wrote:
>I am currently looking into configuring my company's time servers. A couple of things: You can probably skip making ntp servers out of your DMZ-based machines. Set up your ntp servers on your corporate LAN and allow them, and only them, to contact external ntp sources (port 123, I believe). Your internal ntp servers should get their data from dispersed sources. (We use those in Boulder, Houston, and Washington.) Give your internal ntp servers alias DNS names. For example, say you're running a Linux boxed called webserver.rbinc.com, which is running apache. You put ntp on this box to make it an ntp server. Give it the DNS name of clock.rbinc.com, and make sure people use this name to access the service. Call the other ones tick.rbinc.com and tock.rbinc.com. That way you can move the service around to different boxes as you need to.