From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 09AF51381F3 for ; Thu, 25 Apr 2013 17:06:08 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 223FBE0BC7; Thu, 25 Apr 2013 17:05:57 +0000 (UTC) Received: from mail-ie0-f177.google.com (mail-ie0-f177.google.com [209.85.223.177]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E1DF5E0BB4 for ; Thu, 25 Apr 2013 17:05:55 +0000 (UTC) Received: by mail-ie0-f177.google.com with SMTP id 9so3772671iec.8 for ; Thu, 25 Apr 2013 10:05:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:x-enigmail-version:content-type; bh=qrV4JKxiemJySm+jiB7bTw97d0PiShrTHrGa+bL5u9A=; b=RBhrvfppfoFvjVYIcoiRWDPgTeH3vtRdoR/5itS0GUbKzLTJBF8YfDlEr/zCpWNdmB M7APUPUHAwgEvZWXvVO7jj42jl30op+pKWpiO4joya+UPmubck08AiNVdh7zWWss12jI AGJSOOHl/qSBNo9f2vZIrXd7NZ7vzJBoFPoThTW6EjroAZqnQ5dB82DCfQ6khUWLg1yT U+r2iIvYGunZIM73WqcFdvvoeQfm/Qknz0dH/F1oThD3dtIEEuefEr7CCKZoEI4eDWJT lnJ2osUhwZlIOeRo3Kl5y1sFGD+eKizk+IrhIg2SORRlspiwE9T3ASmmH0U7+fwp8uzY pfHg== X-Received: by 10.50.131.195 with SMTP id oo3mr18873361igb.22.1366909555213; Thu, 25 Apr 2013 10:05:55 -0700 (PDT) Received: from [10.1.1.12] ([162.17.129.77]) by mx.google.com with ESMTPSA id wn10sm35172222igb.2.2013.04.25.10.05.52 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 25 Apr 2013 10:05:54 -0700 (PDT) Message-ID: <51796268.5070201@gmail.com> Date: Thu, 25 Apr 2013 13:05:44 -0400 From: Michael Mol User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130222 Thunderbird/17.0.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Server system date synchronizaion References: <51794071.90009@gmail.com> <517941BA.4030603@libertytrek.org> In-Reply-To: <517941BA.4030603@libertytrek.org> X-Enigmail-Version: 1.5 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="----enig2UMGGVVKBDBUPABFQFIDQ" X-Archives-Salt: f2ab99b1-5d28-4d78-9ed2-cd4f4893df88 X-Archives-Hash: dace6ac0abcfcf80db3e888687a0a4ea This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2UMGGVVKBDBUPABFQFIDQ Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 04/25/2013 10:46 AM, Tanstaafl wrote: > On 2013-04-25 10:40 AM, Michael Mol wrote: >> For contrast, having all nodes sync to pool.ntp.org results in time >> variance of up to 2-3 minutes across a dozen or so machines. >=20 > That makes no sense... >=20 > Not calling you a liar or anything, but it just doesn't make sense. >=20 > I can see that it might take each system different times to get fully > sync'd, but for them to consistently vary by this amount? No, something= > else is wrong. >=20 > Are these virtualized servers? Some are virtualized, some are hosts, some are standalone. When all machines were configured to speak to pool.ntp.org, the variance was high. Obviously more so any time a guest was using its host's clock, and both guest and host were trying to adjust. There was still significant difference even between standalone systems. pool.ntp.org pulls from a huge pool of timeservers, and there is visible variance between more than a few of them. It's a volunteer effort. *shrug* Unfortunately, I don't have the exact variances in my notes. When I used a single standalone to connect to pool.ntp.org, and had all other systems (standalone, virtualized and guest) connect to that standalone system, virtually all variance went away. The stability of having a single local time source for all but one local machine to sync against overcame the instability caused by having host and guest ntp clients stacked. Of course, ideally, you want VM guests to rely on the VM host for their clock, and have the VM host configured with a good time source. And you would want all bare iron configured to talk to a small pool of tightly synchronized time servers. And if you can trust your layer 2 (or secure your layer 3 with, e.g. ipsec), you may further benefit from setting up a multicast time source. Further, ideally, you want a stratum 1 time server locally. ------enig2UMGGVVKBDBUPABFQFIDQ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJReWJrAAoJED5TcEBdxYwQb+QH/jaWMKwD2ylzgM3krxtvTBru WudDO6bELIGY79ZYAgvqeVxyaX7pQarkRCoVUWXt/NXUVl29QdXvHUnqkft/lzta VJ1C45jW6FO865CPR3snxFjya6YsZOiayNI/4VwR5Z+qTkDW2JtmJV6c8NQH9XPH WPJw6uzb33G/1hCJhydTXiR2BYc+RR8Ur71YCE/uynfPEdtza69+5W96kqCRR/vx 9EMYddmL7fqWmtnN22zD3ch92K84YGo5JhoNXLB0l/mqzi1LVj6IjxPIdzGcpEzi 07ScScKjZRyDWUCiLGbuC6Fsve9M3uGcSexnE41V5hZ7vDIpJunPBQNBhfXE2rY= =s3j5 -----END PGP SIGNATURE----- ------enig2UMGGVVKBDBUPABFQFIDQ--