NTP Server for time syncing within an isolated LAN

Question

Level 1

0 points

NTP Server for time syncing within an isolated LAN

I am in the processes of setting up an Open Directory Master and multiple Xsan RAID storage systems to support file services for computers on my local network. Apple has made this a reasonably straight forward process, just as long as your network connects to the internet! However, as several others have discovered, configuring NTP time syncing to make it all work on an isolated network (i.e. a LAN without ISP-supplied internet access or DHCP/DNS service) is problematical. Proposed solutions for the isolated NTP Server issue are to either force one of the Xserves to be the server or to purchase a NTP Server appliance. Neither are particularly satisfying solutions for my situation.

Has anyone attempted to configure a NTP Server under Leopard using multiple Xserves via the peer option, or the orphan mesh configuration in newer versions of NTP? For example, I have four Xserves in my equipment rack that could cooperate via the peer option to act as better, and more robust, composite NTP Server for the rest of my computers on the LAN. Is this possible or am I just missing something?

Thanks to all in advance!

Xserve G4 & Intel, Mac OS X (10.5.5)

Posted on Oct 5, 2008 12:31 PM

Reply

Answer 1

MrHoffman

Level 10

154,029 points

Oct 5, 2008 2:15 PM in response to babcom

Best to have an external connection via network or via modem or via GPS receiver or such.

If you trust the clock in the Xserve box (I've run various ntp servers on various other platforms, and clock stability and drift varies -- and they all tend to stink); you'll likely want to free-run your clock at a bigger-numbered ("higher") stratum. Don't run the local clock at a lower-numbered stratum; you always want any better clocks found to be used in preference to any local clocks.

Here, the closest direct analog is the so-called undisciplined local clock [(1)|http://www.opensource.apple.com/darwinsource/Current/ntp-37/ntp/html>, [(2)|http://www.opensource.apple.com/darwinsource/Current/ntp-37/ntp/html/drive rs/driver1.html]; where you're running your own network. This isn't the best idea, as the time will drift. While you'll want to take a look at the ntp documentation, undisciplined local clock looks like this:

server 127.127.1.0
fudge 127.127.1.0 stratum 10

Or you use [Orphan mode|http://www.eecis.udel.edu/~mills/ntp/html/assoc.html].

Do read through the ntp and ntp.conf man pages, and the [grundoon ntp.conf file|http://www.opensource.apple.com/darwinsource/10.0.2/ntp-13/ntp/conf/grundo on.conf], and see [Apple TN303731|http://docs.info.apple.com/article.html?artnum=303731].

Reply

Answer 2

babcom Author

Level 1

0 points

Oct 8, 2008 2:41 PM in response to MrHoffman

Yes, you are quite correct regarding the external NTP reference. However, my LAN is truly isolated in just about every sense of the word, including the RF-spectrum. You are also quite correct about individual system clocks. Given these restrictions, I would like to form a better local NTP Server solution than relying on a single system clock using the equipment I currently have on the network. Clearly, UTC is out of the question, but something better would be good.

Thank you for the advice on the stratum levels in particular, it should prove useful while sorting through NTP to find a work-around solution.

Regards,
BABCOM

Reply

Answer 3

MrHoffman

Level 10

154,029 points

Oct 8, 2008 6:08 PM in response to babcom

No RF? Ah, why didn't you say so. I've dealt with those networks, and with the folks that run them. There are other options here; there are other ways to establish a LAN-specific time base that doesn't involve modem or RF. A cesium fountain clock is the expensive approach here, though you can most certainly go cheaper if your accuracy requirements allow it. These approaches usually comprise a timebase and and out-board site-local ntp server.

Reply