Shippable ntp.conf files for the HOWTO

Gary E. Miller gem at rellim.com
Fri Jun 10 00:53:59 UTC 2016 

Yo Hal!

On Thu, 09 Jun 2016 17:38:33 -0700
Hal Murray <hmurray at megapathdsl.net> wrote:

> > Are they all suboptimal?  
> 
> How about way out of date.

Not relevant.  Are they suboptimal? 

Is so, can you distill this to three or four lines to go in the config
file?

> The pool command hasn't been in the middle of this sort of sharp eyed 
> scrutiny.  I won't be surprised if there are bugs or quirks.

Well, if we can't prove it is better I would not be in a hurry to
use it.

> The
> only one that I know of is that you have to remove the nopeer from
> the default restrict lines.

Do we need the 'restict nopeer'?  From a quick google pretty much
every one says to use it.  If we need nppeer, we can't use 'pool' until
that bug is fixed.

From what I can see the nopeer is to prevent DoS.  We certainly do not
want to have a configuration that is know to allow DoS.

That pretty much makes up my mind.  Until issue #79 is closed we can
not use 'pool'.

> gem at rellim.com said:
> >    # The iburst option tells ntpd to query the pool servers with an
> > initial # burst instead of single requests.  This can yield better
> > results on # startup to remote servers.  
> 
> I dislike that use of "better".  Why not say "faster"?  They won't be
> better in the sense of more accurate.

Well, in my tests it is slower.  So I can't say faster, that is 
clearly untrue.

ntpd does not wait on startup to send the first challenge packet.  And
one RTT is certainly faster than 8 RTT.  Eight RTT with 2 second delays 
in between:
	"the spacing between packets is about 2s"

This is easy to see this way:
	# killall ntpd
	# ntpd -N -g ; watch ntpq -p

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160609/fd00fb5e/attachment.bin>

More information about the devel mailing list