Mastodon Feed: Post

Boosted by jwz:
jbcrawford@hachyderm.io ("J. B. Crawford") wrote:

Long discussion on the orange website about the NIST's Boulder NTP site being down. Not a lot of people with practical experience in the topic.

NTP is designed to function as a tree model, rooted in "stratum 0" NTP servers with direct time references. Actual clients are expected to interact with lower-stratum servers that themselves synchronize to higher-stratum servers. Generally any NTP server with a GPS time reference is considered suitable for stratum 0, and the vast, vast majority of real-world NTP/PTP deployments are ultimately working off of one or more GPS references. GPS operates from the Naval Observatory clock via a few different layers of indirection, each of which has its own high-precision oscillators to allow plenty of holdover. Purpose-built stratum 0 servers, used e.g. in data centers, have their own precision reference oscillators for holdover should the GPS lock be lost. Basically any real problem in this space would probably evolve pretty slowly.

The NIST NTP servers have always suffered from high load, to the extent that they've sometimes been unresponsive in the past. Synchronizing devices directly to these NTP servers is a bad practice, discouraged by the NIST and now mostly gone from default configs. That limits the impact of an outage a lot. The authenticated service is intended to help with the load-related reliability issues but presumably its users are sophisticated enough that their stratum-1 will be fine. Most clients are interacting with lower-stratum NTP servers operated by, for example, ntppool.org. These track multiple stratum-0 references and will be fine with the loss of one of the NIST sites.

There are probably still a bunch of stupid clients that try NIST Boulder NTP servers exclusively (I know some old network appliances shipped like this by default), and they might be a little driftier than usual for a while, but I wouldn't expect any of these to be important as they were pretty much already misconfigured.

Big picture, the NTP system is very big and very distributed and the NIST Boulder site has no real significance beyond name recognition---the same name recognition that made it a poor choice for most purposes.
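
The misconfiguration the post describes, a client whose only upstream is a NIST server, can be caught by auditing `ntp.conf` or `chrony.conf` files. The following is an added example, not part of the original post; the function names, the `min_sources` threshold, the `discouraged` list and the sample configs are assumptions made for illustration.

```python
import re

# Directives that name an upstream time source in ntp.conf / chrony.conf.
SOURCE_RE = re.compile(r"^\s*(server|pool|peer)\s+(\S+)", re.IGNORECASE)

def upstream_sources(conf_text):
    """Return [(directive, host)] for each upstream line, skipping comments."""
    found = []
    for line in conf_text.splitlines():
        m = SOURCE_RE.match(line.split("#", 1)[0])
        if m:
            found.append((m.group(1).lower(), m.group(2).lower().rstrip(".")))
    return found

def operator(host):
    """Crude operator key: the last two DNS labels (assumption, no suffix list)."""
    return ".".join(host.split(".")[-2:])

def audit(conf_text, min_sources=3, discouraged=("nist.gov",)):
    """Return finding strings. min_sources and discouraged are assumed policy."""
    sources = upstream_sources(conf_text)
    if not sources:
        return ["no-upstream"]
    findings = []
    hosts = {h for _, h in sources}
    # A pool directive expands to several servers, so it satisfies the count.
    if not any(d == "pool" for d, _ in sources) and len(hosts) < min_sources:
        findings.append("too-few-sources")
    flagged = sorted({operator(h) for h in hosts if operator(h) in discouraged})
    if flagged:
        exclusive = all(operator(h) in discouraged for h in hosts)
        kind = "exclusive" if exclusive else "direct"
        findings += [f"{kind}:{op}" for op in flagged]
    return findings

# Constructed sample configs (not taken from any real device).
APPLIANCE = "# factory default\nserver time.nist.gov\n"
POOLED = "pool pool.ntp.org iburst\n"
MIXED = ("server time.nist.gov iburst\n"
         "server ntp1.example.net iburst\n"
         "server ntp2.example.org iburst\n")

if __name__ == "__main__":
    for name, conf in [("appliance", APPLIANCE), ("pooled", POOLED), ("mixed", MIXED)]:
        print(name, audit(conf) or "ok")
```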