Installing and Administering Internet Services
216 Chapter 7
Configuring NTP
Configuration
• The outside sources of synchronization should each be in different
administrative domains, and should be accessed from different
gateways and access paths. Avoid loops and common points of failure.
Do not synchronize multiple time servers in an administrative
domain to the same outside source, if possible. See Figure 7-8.
Figure 7-8 Example Configuration for an Administrative Domain
• For enterprise networks that contain hundreds or thousands of file
servers and workstations, the local time servers should obtain service
from stratum-1 servers. See the previously-mentioned clock.txt
file for stratum-1 sources if your enterprise does not have its own
NTP time server hierarchy.
• Single, isolated workstations should not obtain time from a stratum-1
server. Workstations located in sparsely-populated domains without a
local synchronization structure should request synchronization from
servers that are stratum-2 or higher.
• When defining a relationship between a server of a higher-numbered
stratum and a server of a lower-numbered stratum, configure the
relationship in the server of the higher-numbered stratum. For
example, if a stratum-3 server is a client of a stratum-2 server,
configure the relationship in the stratum-3 server. This simplifies
configuration maintenance, since there is likely to be more
configuration change in systems of higher-numbered stratums, such
as workstations.
Administrative Domain
Stratum 2
Server
Stratum 2
Server
Stratum 2
Server
Stratum 1
Server
Stratum 1
Server
Stratum 1
Server
Stratum 1
Server
Stratum 1
Server
Stratum 1
Server