From owner-freebsd-questions@FreeBSD.ORG Fri Dec 21 16:23:06 2007 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03C0216A417 for ; Fri, 21 Dec 2007 16:23:06 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from mail.potentialtech.com (internet.potentialtech.com [66.167.251.6]) by mx1.freebsd.org (Postfix) with ESMTP id B0A1B13C448 for ; Fri, 21 Dec 2007 16:23:05 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from vanquish.pitbpa0.priv.collaborativefusion.com (pr40.pitbpa0.pub.collaborativefusion.com [206.210.89.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.potentialtech.com (Postfix) with ESMTP id 47FA2EBC3B; Fri, 21 Dec 2007 11:23:04 -0500 (EST) Date: Fri, 21 Dec 2007 11:23:03 -0500 From: Bill Moran To: shinny knight Message-Id: <20071221112303.19619c39.wmoran@potentialtech.com> In-Reply-To: <343753.78466.qm@web44811.mail.sp1.yahoo.com> References: <20071218165521.GA37529@bewilderbeast.blackhelicopters.org> <343753.78466.qm@web44811.mail.sp1.yahoo.com> X-Mailer: Sylpheed 2.4.7 (GTK+ 2.12.1; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: questions@freebsd.org, "Michael W. Lucas" Subject: Re: timekeeping on jail servers X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Dec 2007 16:23:06 -0000 In response to shinny knight : > On Tue, Dec 18, 2007 at 11:02:12AM -0500, Bill Moran wrote: > > In response to "Michael W. Lucas" : > > > > > > Been searching around without results: > > > > > > Has anyone come up with a decent way to do timekeeping on a jail > > > server? ntpd(8) binds to all addresses, and I'd rather not do a > > > ntpdate out of cron. > > > > I'm not entirely sure I comprehend where you're having trouble, Michael, > > but we use openntpd on all our systems, specifically because you can > > tell it what addresses to bind to. > > That would be you don't have my problem. Openntpd will solve my > problem. > > Thanks for all the pointers, including the dozen or so private ones! > > Hello Michael, > > Is there any special reason you do not want to use ntpdate from cron? > Is working fine for me on FreeBSD jail servers. The reason that is not recommended is that it results in sudden steps of the clock. Occasionally, these steps go backwards. Software that is very sensitive to time changes (make processes, database servers, anything doing calculations WRT time) can break, crash, or work inaccurately. ntpd works by speeding up or slowing down the clock to catch up to the correct time. As a result, it's much less likely to disturb time- sensitive applications. Also, over time ntpd will tune the clock so that it is actually ticking correctly, unlike the ntpdate in cron solution. For example, if your clock cronically ticks 1 second slow every 5 minutes: * running ntpdate from cron every five minutes will result in a 1 second "jump" every time it runs. * Running ntpd will result in the kernel speeding up the clock so that it actually ticks correctly. A lot of people new to ntpd think that it's not working because they start it and their time is still wrong. If the time is badly wrong when ntpd starts, it can take quite a while for it to correct it. If you have a machine that is frequently turned off, ntpdate should be run at boot to snap the time into correctness, at which point ntpd will keep it there. -- Bill Moran http://www.potentialtech.com