Question about internal 'private' servers

[Hal Murray]

> Regarding the tos minclock config line:  I checked one of my systems
> that's still running Debian 11 and regular NTP.  This system was quite
> happy with only two servers.  So my original two-maaster-server
> configuration was OK (but not great) until I upgraded to NTPSEC.  This is
> not a complaint - just me understanding how the problem crept in on me. 

Please check the old config file.  Does it have the minsane line?


> Regarding my question about using a local POOL, my idea is that I could
> change the pool membership via DNS without having to touch a config file
> on each system.  So a pool of 2 servers does seem pointless, but when I
> add 3 or 4 more it will be easy. 

The code will probably do what you want, just leaving a lot of clutter in 
the log files.  [The DNS stuff doesn't normally happen very often so the 
logging is on the verbose side to help users understand what is going on.]

It would not be hard to implement what you want.  Something like servers 
rather than server which would use all the IP Addresses rather than just 
one.

I've never worked on a problem like distributing a new ntp.conf over a 
batch of systems.  I assume that is just an example of something that 
happens reasonably often.  I'd expect something like the initial setup 
installs root's public ssh key on all the target systems so you can run a 
script that will iterate over all systems to do something on each one of 
them.


If any of the client systems are using DHCP, you can provide the NTP 
servers that way.  Search for dhcp in /etc/init.d/ntp and pull on that 
string.  I've never tried it.



-- 
These are my opinions.  I hate spam.