[vox-tech] rdate servers and apt-get for redhat
Eric Nelson
vox-tech@lists.lugod.org
Mon, 16 Dec 2002 21:35:29 -0800
Uh oh. I didn't know it was anything but some government service. Do=20
you know any ntp servers which are less restrictive? I don't want to=20
have bad dreams about stratum 1 servers. They sound a little scary.
On Sunday 15 December 2002 17:57, Rick Moen wrote:
> Quoting Eric Nelson (en77@attbi.com):
> > Here is what I use in crontab:
> > 59 * * * * /usr/sbin/ntpdate ntp-dec.usno.navy.mil >> /dev/null
>
> The hostname is a CNAME for usno.pa-x.dec.com, operated by Compaq
> in Palo Alto for the U.S. Naval Observatory. It's a stratum 1
> server. Posted access policy is "Access Policy: open access for
> stratum 2 servers, Compaq, others by arrangement."
> (http://tycho.usno.navy.mil/ntp.html)
>
> USNO states at the top of the listing at the top of the page: "All
> of the following stratum 1 NTP servers are open to stratum 2
> servers within the same time zone and to others by arrangement."
>
> http://www.eecis.udel.edu/~mills/ntp/servers.html states: "Please
> respect the access policy as stated by the responsible person. It
> is very important that potential clients avoid use of servers not
> listed as open access, unless approved first by the responsible
> person. This especially includes indiscriminate use of servers not
> listed in the list, since this can be disruptive. The responsible
> person should always be notified upon establishment of regular
> operations with servers listed as open access. Servers listed as
> closed access should NOT be used without prior permission, since
> this may disrupt ongoing activities in which these servers are
> involved."
>
> That page clarifies about what is meant by a stratum 2 server:=20
> "The secondary server provides synchronization to a sizable
> population of other servers and clients on the order of 100 or
> more." (There's more.)
>
> It is not unknown for members of the general public who sync to
> statum 1 servers without prior arrangement to find their entire IP
> blocks blocked by the statum 1 server operator.
>
> On the bright side, doing the sort of periodic ntpdate you discuss
> is less likely to risk the wrath of a statum 1 server than would
> running ntpd against it -- as I've seen people urge on other
> mailing lists that I guess should go nameless.