[LINK] RFI: Clock Synchronisation in Hosts

gr0ve gr0ve at exemail.com.au
Wed Nov 12 12:55:29 AEDT 2014 

I have a little bit of experience with time (NTP) servers.
When you run large enterprise systems it is essential all the 
systems mounting file systems from SAN & NAS refer to
as accurate synchronisation as possible, otherwise checkpoints
and milestones will not update with the metadata correctly.  If a system mounting via samba or NFS for example starts to drift
away from the server's time reference, it can lead to denial of service, race conditions and other sneaky corruption.

In my home network, I tend to run my own local NTP
server for this function, which itself sources the time from one
of the available Australian NTP servers. On the Mac desktops
I point the time server to my local one, in earlier versions of
MacOS I had to edit the .plist and NTP config files myself
to ensure it used my choice.  It is likely a permissions problem
or just that 10.4 is getting a bit stale now!  

So, in the context of a large distributed network of interrelated
servers relying on each other for services like file systems, then
NTP accuracy becomes very important indeed.  Imagine the
fun that has been had recently in Parliament House regarding the
Ashby affair, which all goes down to a couple of time stamps
that have entered into the metadata for the documents supposedly erroneously because of a drifting NTP client. It does happen,
and an inaccurate time service is obviously a wonderful source
of plausible deniability, so yes.... - as accurate as possible ;)

rachel

--
rachel polanskis
IT Consulting, UNIX & Macintosh
Greater Western Sydney
<gr0ve at exemail.com.au>

> On 12 Nov 2014, at 12:21, Roger Clarke <Roger.Clarke at xamax.com.au> wrote:
> 
> My MacOSX 10.4.11 Date and Time tool has the 'Set date & time automatically' option set, pointed at Apple Asia's server at time.asia.apple.com.  
> 
> I find it a serious concern that it doesn't work, and only synchs when I open the panel.
> 
> Having my clock run fast by c. 5 seconds per day is one thing.  But there are a lot of host devices around the place which would create far bigger problems if they got significantly out of synch with authoritative time.
> 
> What's the impression of Link Institute members about the frequency with which hosts in professionally-run organisations synch with time-servers?
> 
> A related question would be:  what tolerance would be reasonable to expect from date-time stamps compared with an authoritative time-server, e.g.
> +/- 1 second?  
> +/- 5 seconds?
> 
> -- 
> Roger Clarke                                 http://www.rogerclarke.com/
>                         
> Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
> Tel: +61 2 6288 6916                        http://about.me/roger.clarke
> mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/ 
> 
> Visiting Professor in the Faculty of Law            University of N.S.W.
> Visiting Professor in Computer Science    Australian National University
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

More information about the Link mailing list