[158120] in North American Network Operators' Group
Re: NTP Issues Today
daemon@ATHENA.MIT.EDU (Sid Rao)
Wed Nov 21 08:07:16 2012
From: Sid Rao <srao@ctigroup.com>
To: Neil Harris <neil@tonal.clara.co.uk>
Date: Wed, 21 Nov 2012 13:06:54 +0000
In-Reply-To: <50ACCFFE.6080400@tonal.clara.co.uk>
Cc: "<nanog@nanog.org>" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Guys:
We were synchronized against multiple sources. Unfortunately the Navy NTP s=
ource contaminated multiple downstream sources.=20
Unless you can trace all your sources, if these sources all have a root sou=
rce you will break.=20
Sid Rao | CTI Group | +1 (317) 262-4677
On Nov 21, 2012, at 8:01 AM, "Neil Harris" <neil@tonal.clara.co.uk> wrote:
> On 21/11/12 12:34, Ryan Malayter wrote:
>>=20
>> On Nov 19, 2012, at 6:12 PM, "Scott Weeks" <surfer@mauigateway.com> wrot=
e:
>>=20
>>> Lesson learned: Use more than one NTP source.
>> The lesson is: use MORE THAN TWO diverse NTP sources.
>>=20
>> A man with two watches has no idea what the time it actually is.
>=20
> Per David Mills, from the discussion linked upthread, this should be FOUR=
OR MORE...
>=20
> "Every critical server should have at least four sources, no two from the
> same organization and, as much as possible, reachable only via diverse,
> nonintersecting paths."
>=20
> Four, so that the remaining three can reach consensus even if one fails.
>=20
> -- Neil
>=20
>=20
>=20
