How to Configure NTP — Part 2
Knowing which configuration is right for you is key to NTP success.
In my previous blog post in this series on Networking Time Protocol (NTP), I provided the definitions of terms that I’ll be using in this post to discuss the different configurations that are in use.
When working with NTP, the guiding principle is known as Segal’s law. Segal’s law states, “A man with a watch knows what time it is. A man with two watches is never sure.” This adage helps to illustrate the need for multiple sources of accurate time. But we’ll see, as we get into the configuration options, that there is more to consider when setting up NTP.
Single NTP Server (Very Small Network)
Based on Segal’s law, a single NTP server in the environment would be acceptable, providing consistent time throughout the network. But this scenario would not provide any redundancy in the case of failure. The single NTP server should be synchronized to five diverse upstream NTP sources to determine accurate time. This type of design would only be advisable for very small networks, such as a home network or a single Layer 3 network where the NTP server is also the default gateway.
Click to enlarge image – Single NTP Server Configuration
Dual NTP Server (Worst Configuration)
Two NTP sources is the most common NTP configuration. And this is actually the worst type of configuration, based on Segal’s law. The NTP client has no way of determining which NTP server has accurate time and, in turn, could easily select the wrong one based on what’s essentially a coin flip choice.
Click to enlarge image – Dual NTP Configuratio
3 NTP Servers (Minimum) Configuration
Three NTP sources is the minimum number of sources required for the NTP client to be able to determine accurate time. This design, though, does not provide any resiliency for a failed or inaccurate NTP source. Once a failure occurs (which is actually quite common), the NTP client will be left with only two NTP sources and be unable to determine which is accurate.
4 NTP Servers (Acceptable) Configuration
Four NTP sources is an acceptable NTP architecture design, as it does provide some resiliency for failed and inaccurate NTP sources, but not both simultaneously. The following failure matrix illustrates the design limitations.
5 NTP Servers (Best Practice) Configuration
Five NTP sources that are synchronized to five diverse upstream NTP sources is the best practice design. It is an excellent choice because of its resiliency and accuracy. If five internal sources are not possible, consider augmenting any additional internal sources with reliable external NTP sources. Recommended external NTPs are listed at the end of this blog.
Click to enlarge image – 5 NTP Servers Configuration
Getting Started
With an understanding of the NTP terminology and now a clear explanation of the pros and cons of various configurations options, you are ready to get started with synchronizing your servers. My next blog post will provide some guidance on the best resources for reliable NTP servers and those you’ll want to avoid.
