Change "server" command to "pool" #178
Conversation
Per discussion in https://community.ntppool.org/t/vendor-zone-s-not-resolving/1408/8, so that hosts re-query the pool for a new pool server when an existing pool server becomes unreachable. Support in ntpd looks to have been added in v4.2.6 which was released in late 2016.
| server 1.pool.ntp.org | ||
| server 2.pool.ntp.org | ||
| server 3.pool.ntp.org | ||
| pool 0.pool.ntp.org |
There was a problem hiding this comment.
This will give each client up to 16 IPs, no? Way too many. (32 if they are dual-stack and support IPv6, too -- at least when we've added IPv6 to all 4 names).
I think it should just be
pool 0.pool.ntp.org
or maybe even a new name specific for "pool supporting" client
pool [something-new].pool.ntp.org
The latter would just be
pool time.centos.pool.ntp.org
or similar with appropriate changes to how the vendor zones are generated. (And some options for the vendor to choose which kind of clients they have, so the system can configure the names accordingly).
For example a "pool supporting" client is more flexible about servers coming and going.
An SNTP client doesn't care of if the server is there tomorrow or not, but it must be available right now.
A traditional NTP client can deal with the server coming and going, but doesn't deal well with the server disappearing permanently. (Etc).
There was a problem hiding this comment.
Ah, yes, I think I see where I've misunderstood... :)
This started with https://rt.ntppool.org/Ticket/Display.html?id=6923 where the "ntpq -pn" outputs show a couple of servers with old "when" times and refid STEP as they haven't replied. The end user reports some of his 1,500 VMs have intermittent problems getting time. It looks like it's because the NTP pool servers are no longer supplying time.
Googling I found this page https://kb.meinbergglobal.com/kb/time_sync/ntp/configuration/ntp_pool_usage which says "pool" dynamically fetches another IP if one stops responding which sounds like the fix needed. I didn't realise "pool" would use all IP addresses returned! https://www.eecis.udel.edu/~mills/ntp/html/confopt.html#pool says "one or more ... addresses" but it makes sense that it uses all addresses returned.
I note he has a (cheeky!) little dig at the bottom of https://www.eecis.udel.edu/~mills/ntp/html/discover.html#pool about "suboptimal" instructions on the pool pages! :o
The "pool" command seems to help two things:
- people who run servers without rebooting for ages eventually not getting time from the pool if the four servers they happened to get no longer respond.
- server operators who remove their server from the pool should see a faster drop off in NTP traffic.
So it sounds like a good thing to do unless I'm missing something obvious? (which I probably am!) :)
(Agreed it's irrelevant for SNTP clients.)
The changes to introduce the "pool" command to ntpd look to have been introduced in 2015 or so.
Are you happy with replacing the "server" lines with "pool 0.pool.ntp.org" for this page and "pool 0.centos.pool.ntp.org" for the default Centos ntp.conf file?
There was a problem hiding this comment.
Yeah, I think so. (Except don't mention centos in the generic instructions; that should just be for the people managing the default CentOS config).
It also needs to mention that if you use ntpd older than 4.2.8 then use the 4 server lines.
Per discussion in https://community.ntppool.org/t/vendor-zone-s-not-resolving/1408/8, so that hosts re-query the pool for a new pool server when an existing pool server becomes unreachable. Support in ntpd looks to have been added in v4.2.6 which was released in late 2016.