Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 20 Aug 1999 20:46:10 -0700 (PDT)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Karl Denninger <karl@Denninger.Net>
Cc:        Jon Hamilton <hamilton@pobox.com>, Greg Black <gjb-freebsd@gba.oz.au>, Will Andrews <andrews@TECHNOLOGIST.COM>, Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG
Subject:   Re: Securelevel 3 ant setting time
Message-ID:  <199908210346.UAA69386@apollo.backplane.com>
References:  <19990820214657.1605.qmail@alice.gba.oz.au> <19990821031948.09B2B1D@woodstock.monkey.net> <19990820222419.A83963@Denninger.Net>
next in thread | previous in thread | raw e-mail | index | archive | help 
:> Absolutely untrue.  There's value in keeping a group of machines
:> synchronized to _each other_, regardless of whether they're also 
:> synchronized to the correct time.  It is true that _for some purposes_
:> xntpd isn't all that useful in an intermittently-connected scenario,
:> but that doesn't render it completely devoid of any value.  
:> 
:> -- 
:>    Jon Hamilton  
:>    hamilton@pobox.com
:
:Its not at all difficult to wire a GPS to be the "master" upon which XNTPD
:syncs.
:
:Without PPS output you won't be COMPLETELY accurate, but a few tens of
:Karl Denninger (karl@denninger.net)  Web: childrens-justice.org

    It's fairly easy to setup xntpd to use a local clock when it cannot
    find a remote clock.  As long as the two don't get too-badly out of sync
    from each other xntpd can switch between them.

    I use this trick all the time for machines which are not always
    connected to the net.  What you do is have one machine on your LAN
    be a stratum 8 time source.  You also set it up to connect to a real
    time source on the internet.  When you have internet connectivity the
    real time source wins.  When you don't, the local stratum 8 time source
    wins.  Simple!

    See /usr/src/usr.sbin/xntpd/doc/README.refclock and other documentation
    for more information.


						-Matt

monitor no
broadcastclient no
broadcast (my LAN broadcast address)
restrict 0.0.0.0 notrust nomodify
server 127.127.1.0 
fudge 127.127.1.0 stratum 8
restrict (someinternetip)
...
server (sameinternetip)
...
driftfile /var/run/ntp.drift



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908210346.UAA69386>