State of the microserver HOWTO
Gary E. Miller
gem at rellim.com
Tue Jun 7 23:19:07 UTC 2016
On Tue, 7 Jun 2016 18:48:42 -0400
"Eric S. Raymond" <esr at thyrsus.com> wrote:
> > > My plan was to encourage you to elaborate - *and explain* - your
> > > favorite odd features for your local config, then work with you to
> > > prune it back to someting we might ship.
> > Howz it look now?
> When asking that question, it is always a good idea to enclose a
> copy. ;-)
Same as the last one, but, see below.
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
# My RasPi 2/Adafruit HAT config.
# contributor: Gary E. Miller <gem at rellim.com
# date: 7 June 2016
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for more help
# This configuration uses the shared-memory refclock (28), which is
# assumed to have gpsd on the other end. Unit 0 is the in-band data,
# Unit 1 the PPS.
# I have a number of other GPS based chimers on my local network. This
# configuration peers with them so I can compare their performace.
# for best performance, start ntpd last. First start gpsd, and confirm
# you have a good GPS # lock, Then confirm gpsd is supplying time to the
# SHM interface. Then you can start ntpd.
# I start gpsd this way:
# # gpsd -n /dev/ttyAMA0
# check for GPS 3D fix this way:
# # cgps
# check the SHM for good time:
# # ntpshmmon
# Then start NTP
# # ntpd -N -g
# save the clock drift when shutting down ntpd.
# this allows for faster NTP reconvergence after a restart
# You want some logging, it will be useful later.
# If you add the logging now, then you have the data when you figure
# out you want it. If you wait until you want it then it is too late.
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
logconfig =syncall +clockall +peerall +sysall
# we want some security
# do not let random people remotely modify your ntpd server
restrict default nomodify notrap nopeer noquery
restrict -6 default nomodify notrap nopeer noquery
# allow access from localhost, IPv4 and IPv6
restrict 127.0.0.1 mask 255.255.255.0
restrict -6 ::1
# replace this with your local IPv4 network
restrict 184.108.40.206 mask 255.255.255.0
# replace this with your local IPv6 network
restrict -6 [2001:470:e815::]/64
# The order of servers and peers in ntp.conf matters.
# On startup ntpd will take the first time it gets to set the system
# clock. If this first time is an imprecise clock, say derived from
# NMEA, then ntpd may takes days to restabilize.
# The first time ntpd acquires will tend to be the ones higher up in
# the file with the lowest maxpoll.
# So to work around this ntpd glitch put your best time sources high
# in the ntp.conf file, with your shortest maxpoll and your worst one
# at the bottom with higher maxpolls.
# A bug is open for this behavior:
# PPS is first, it is the most precise.
# SHM for PPS and gpsd
server 127.127.28.1 prefer minpoll 4 maxpoll 4
fudge 127.127.28.1 refid PPS
# My other local chimers, just in case the GPS loses signal, and
# for comparison
# if you do not have any other chimers on your local network then you can
# skip this section on local peers. Proceed to the section on
# using the pool
# The default APR timeout on Cisco switch gear may be as long as
# 4 hours. On windows and Linux it may be as short as 60 seconds.
# If the polling interval for a chimer is greater than 60 seconds (maxpoll 6+)
# then when ntpd sends a time request to a remote ntpd daemon the OS may
# be adding an ARP roundtrip to the process, delaying the return
# by that much extra time. This convinces ntpd that the remote ntpd
# is further away, and has more jitter, than it actually does.
# To prevent this glitch in ntpd behavior, be sure to use 'maxpoll 4' or
# 'maxpoll 5' on servers and peers on the local network.
# Maybe ntpd should fix maxpoll at 4 or 5 for local peers?
# Notice that I do not use DNS names for my local chimers, only IP numbers.
# I do not want my NTP dependent on DNS. DNS requires a network
# connection and I do nt want my NTP down during network outages.
# I also use DNSSEC which requires accurate time. If my NTP depends on
# DNS, and my DNS depends on NTP that can cause problems.
peer 220.127.116.11 maxpoll 5 # catbert
peer 18.104.22.168 maxpoll 5 # pi2
#peer 22.214.171.124 maxpoll 5 # pi3
peer 126.96.36.199 maxpoll 5 # kong
peer 188.8.131.52 maxpoll 5
peer [2001:470:e815::8] maxpoll 5 # spidey
# end of local peers
# if you have no other local chimers to help NTP perform sanity checks
# then you can use some public chimers from the NTP public pool:
# To use the pool servers uncomment the last four lines in this section.
# The iburst option tells ntpd to query the pool serers with bursts instead
# of single requests. This can yield better results to remote servers.
# Notice I use the 'us' country code servers, otherwise I might get one
# pool server from Ukraine and another from Singapore. If you are
# not in the USA, then change the 'us' to your two letter country code.
# server 0.us.pool.ntp.org iburst
# server 1.us.pool.ntp.org iburst
# server 2.us.pool.ntp.org iburst
# server 3.us.pool.ntp.org iburst
# NMEA is last, it is the least precise
# SHM for gpsd
server 127.127.28.0 minpoll 4 maxpoll 4
fudge 127.127.28.0 time1 0.450 refid GPS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 473 bytes
Desc: OpenPGP digital signature
More information about the devel