Date: Sat, 21 Aug 1999 07:46:57 +1000 From: Greg Black <gjb-freebsd@gba.oz.au> To: Will Andrews <andrews@TECHNOLOGIST.COM> Cc: Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG Subject: Re: Securelevel 3 ant setting time Message-ID: <19990820214657.1605.qmail@alice.gba.oz.au> In-Reply-To: <XFMail.990820115204.andrews@TECHNOLOGIST.COM> of Fri, 20 Aug 1999 11:52:04 -0400 References: <XFMail.990820115204.andrews@TECHNOLOGIST.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
> Xntpd is not that difficult. Unlike ntpdate, it can update your system clock > while also acting as a time server for your local network, reducing bandwidth > costs (yes, minimal, if you have a very small network, but still worth time and > money.) It is also more reliable and far more featureful than ntpdate (hey, > encryption compensation!). Just as a bit of extra information, xntpd is useless for small networks that don't have constant connectivity to time servers. In the case of a network that connects to the Internet once or twice a day for just a few minutes, a workable solution is to run ntpdate (with three servers as arguments) on each connection and to use timed on the LAN. The machine that runs ntpdate runs timed with the "-F myname" flag and the others use no flags. If you happen to have a machine that needs its regular tweaks by ntpdate to exceed half a second, then you can adjust the kernel tick a few units either side of its default setting of 10000 so that things stay relatively stable. > As for "large, expensive daemon", that is incorrect. xntpd barely takes 1MB of > total RAM on my machine, and usually close to zero CPU. It may be worth noting that timed is much smaller and uses much less CPU than xntpd. On the other hand, if you do have the connectivity, xntpd is probably the preferred solution. -- Greg Black -- <gjb@acm.org> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990820214657.1605.qmail>