summary -Re: [olug] local ntp time server?

Christopher Cashell topher at zyp.org
Wed Feb 19 20:22:29 UTC 2003 

At Sun, 16 Feb 03, Unidentified Flying Banana Brian Wiese, said:
> |Just a note, if your computer has a constant internet connection, you'll
> |get much more reliable time by running ntpd, rather than just ntpdate.
> 
> True, but I'd rather not run a daemon listening on my external interface
> with an open port number for security reasons.  I plan to run it on my
> internal network though, to minimize the number of outbound requests/load
> on the servers, from my machines.

Well, ntpd is a rather unusual daemon, in that it actually serves two
functions.  First of all, it will continually make outbound connections
to update the system clock, much like ntpdate, but in a more regular
manner (and with greater precision, as it tracks things like time drift
between updates).  Secondly, it can allow other NTP clients to connect
to it and get the time.  ntpdate is generally intended for machines
without a permanent internet connection, or for doing an initial time
reset before running ntpd (by default, ntpd will exit if the local time
is off by more than 1000s, as a sanity issue (worrying that the
time server might be *way* off)).

For the most accurate time, I'd strongly suggest running ntpd on your
gateway box, synchronizing it's time with a couple of time servers, and
then having the machines on your LAN synchronize their clocks to it.

With a simple firewall rule, you can prevent those outside of your LAN
from accessing the NTP port, making it quite secure.

On a slightly related note, you asked about adjusting your time zone. . .
I believe the "official" way of doing it on recent glibc2/libc6 Linux
boxen (at least on Debian) is using the 'tzconfig' command.

Also, if anyone is looking for an open time server, they're welcome to
use mine (time.zyp.org).  Particularly if they're using Internet access
through Qwest.

>   Brian Wiese | bwiese at cotse.com | aim: unolinuxguru

-- 
| Christopher
+------------------------------------------------+
| A: No.                                         |
| Q: Should I include quotations after my reply? |
+------------------------------------------------+

More information about the OLUG mailing list