Question about internal 'private' servers
Dave Hall
kdhall at binghamton.edu
Mon Jul 22 14:17:21 UTC 2024
Hello.
I have until recently had a two-tier NTP configuration running on an
internal subnet with 2 'primary' servers configured to connect to external
stratum 1 services, and 4 secondary servers syncing with the primaries.
All other systems ('clients') in the subnet are configured to sync with the
4 secondary servers. In 'ntpq -c pe' the 2 primary servers show as stratum
2.
WIth the upgrade to Debian 12, NTP is replaced by NTPSEC, and this no
longer works: The 4 secondary servers come up as stratum 16, causing all
of the 'client' to become unsynced.
In studying the documentation and with many experiments, I have not found a
way to get past this. Not that I have not configured any SSL certificates
anywhere, the assumption being that my network segment is isolated enough
that I should not need this. Further, all of my systems are willing to
sync with the 2 'primaries' even though they are still running the same old
ntp.conf.
So how do I get my secondaries to be something other than stratum 16, and
where is this documented?
Thanks.
-Dave
--
Dave Hall
Binghamton University
kdhall at binghamton.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/users/attachments/20240722/8f546290/attachment.htm>
More information about the users
mailing list