Re: Help with xntp config ( xntpd on AIX 5.1 and 5.2 )

From: Juha Laiho (Juha.Laiho_at_iki.fi)
Date: 05/21/04

  • Next message: Kevin Collins: "$TERM not set via xinetd" 
    Date: Fri, 21 May 2004 18:57:03 GMT

    go_uc_bearcats@hotmail.com (Chris Allen) said:
    >We have 4 very distinct environments (DEV, TEST, QA, and PROD) each
    >with between 3 and 10 AIX 5L images.

    How distinct, i.e. do you have firewalls blocking traffic between these
    environments?

    >I would like one server in the PROD environment to be the one system
    >that syncs its time with clocks outside of our company.
    ...
    >I would also like one server in the other 3 environments to sync to
    >the "company time master" from above. Also, the other systems in the
    >same environment(Test, Dev, or QA) would sync to these 3 systems.

    Stratum was already explained in other responses, I don't repeat it here.

    I'd consider it better design to have two machines synchronising from
    outside servers, and peering with each other. Then, for all the other
    machines, set both of these two machines as servers. Two servers to
    protect against loss of one.

    Also, for the two servers, configure a local clock at some low-priority
    (i.e. high-number) stratum, like 6 or 7. This is so that even if you
    lose your external time source, at least your network keeps consistent
    time. Without this, losing the external time sources would drop the
    servers to stratum 9, which means "don't use this time source", and
    each machine would continue using solely its local clock.

    So, just two different configurations, and not much of a topology,
    if you can allow this traffic across your environments. 

    -- 
Wolf  a.k.a.  Juha Laiho     Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
         PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
  • Next message: Kevin Collins: "$TERM not set via xinetd"

    Relevant Pages

    • Re: Running a simple batch file at startup
      ... What you may not know is that the hardware clock (for which the wafer ... servers in a registry key so you can select from one of them). ... can be a week, or more, before the time service decides to sync your OS ...
      (microsoft.public.windowsxp.general)
    • all servers rejected
      ... Can anyone tell me why may ntpd just silently reject all the specified ... servers, and fail to set the system clock, without even dropping a note ... me not having clock sync at all than to sync to a "relatively ...
      (comp.protocols.time.ntp)
    • Re: Checking clients computer time to prevent SSL errors
      ... clock being too far from our servers clock and therefore the SSL authentication fails. ... Has anyone tried using JavaScript to identify this issue (eg the clocks being too far out of sync (around 10 minutes) and alerting the client via a popup or something? ... And then have somePage.asp read the querystring and give a message that the date on the PC is too far out of sync with your servers time. ...
      (microsoft.public.scripting.jscript)
    • Re: NTP Sync Issues
      ... servers are experiencing. ... Subject: NTP Sync Issues ... This happens either because of two conflicting time synchronisation ... clock interrupts, especially when using IDE devices in non-DMA modes. ...
      (comp.protocols.time.ntp)
    • Re: synchronization
      ... At the maximum slew rate of 500 parts per million, it will take several hours to bring your clock into synchronization. ... ntpd should set the clock unconditionally at startup; e.g. it should query the servers to find out what time it is and then set your clock to that time. ... Look for servers near you in geographical space and test them for nearness in net space (low round trip delays). ...
      (comp.protocols.time.ntp)