[Git][NTPsec/ntpsec][master] Mitigation strategy for clock rollovers.

Eric S. Raymond gitlab at mg.gitlab.com
Tue Sep 19 13:55:32 UTC 2017 

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
38662175 by Eric S. Raymond at 2017-09-19T13:55:20Z
Mitigation strategy for clock rollovers.

- - - - -


1 changed file:

- docs/rollover.txt


Changes:

=====================================
docs/rollover.txt
=====================================
--- a/docs/rollover.txt
+++ b/docs/rollover.txt
@@ -228,7 +228,8 @@ This technique will postpones time-warping to a full 1024 weeks after
 the pivot date - which the vendor typically makes the release date
 of the device firmware.  But it won't do any better than that; without the
 ability to change the base date, the device will ship incorrect
-reports forever afterwards.
+reports forever afterwards.  A few refclocks, like the HP-GPS line,
+have that ability; most do not.
 
 This where careless, low-budget design begins to matter. GPS vendors
 do not document even the fact that they use base or pivot dates, let
@@ -256,6 +257,16 @@ need to be aware of the possibility that their device could roll over
 at any time (but especially near the zero dats of a GPS era) and be
 ready to compensate by dropping in a device with a newer pivot date.
 
+Actionable advice that follows from this: If you don't know the
+manufacturing date of a GPS-based device to within a couple of years,
+don't trust that it won't be rolled over and useless *the first time
+you start it*.  Shopping for cheap refclocks at surplus houses or
+on the Web is particularly hazardous this way.
+
+A fairly bulletproof mitigation strategy, if you are running
+autonomously, is to have multiple GPS clocks per server and replace
+each individual one at least once every nine years (half a GPS era).
+
 [[ntp_pivots]]
 == NTP pivot dates ==
 



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/38662175a00b3c7d40415cdbcf7439c4696c76b3

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/38662175a00b3c7d40415cdbcf7439c4696c76b3
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170919/7cd0315d/attachment.html>

More information about the vc mailing list