Re: ntpd vs ntpdate with no hardware clock

From: Patrick M. Hausen <pmh_at_hausen.com>
Date: Sun, 07 Jul 2024 19:49:31 UTC

Hi all,

> On 07.07.2024 at 21:07, Marcin Cieslak <saper@saper.info> wrote:
> Recently I have removed an RTC battery
> from my amd64 system and it turned out
> that ntpd couldn't do anything to set the time
> because the local DNS resolver failed
> (I presume it was dnssec failure).
> 
> What is the most elegant solution to
> cope with such a race condition?
> (DNS needs time, setting time needs DNS)

Have at least one dedicated NTP server in your infrastructure,
itself pulling from stratum 1 servers like e.g. ptbtimeX.ptb.de for
Germany and use that one with an IP address or a static
/etc/hosts entry instead of relying on DNS.

I don't know if that is the most elegant one, but it's what we
do. Official German time source Physikalisch-Technische
Bundesanstalt officially encourages everyone to use their
servers but asks to appoint dedicated systems (in case of a
small setup e.g. just a single system, the firewall) to poll
these and point all clients at your local NTP server(s).

That way everybody gets stratum 2 servers for free.

HTH,
Patrick
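
A check for the time/DNS dependency discussed in this thread, added here as an example and not part of Patrick's message: it reads an ntp.conf and an /etc/hosts and reports which configured time sources still need a working resolver. The sample file contents, the 192.0.2.x addresses and the example.* names are constructed placeholders, and the check assumes the system consults /etc/hosts before DNS.

```python
import ipaddress
REMOTE_DIRECTIVES = {"server", "pool", "peer"}  # ntp.conf lines naming a remote source

# Constructed sample input; 192.0.2.x and the example.* names are placeholders.
SAMPLE_NTP_CONF = """\
server 192.0.2.10 iburst          # local NTP server by address
server -4 ntp1.example.internal   # local NTP server, name pinned in /etc/hosts
pool time.example.org iburst      # needs a working resolver
"""
SAMPLE_HOSTS = """\
127.0.0.1   localhost
192.0.2.11  ntp1.example.internal ntp1   # static entry
"""

def static_names(hosts_text):
    """Names that /etc/hosts answers without any DNS query."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        names.update(name.lower() for name in fields[1:])  # fields[0] is the address
    return names

def is_ip_literal(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def classify_sources(ntp_conf_text, hosts_text):
    """Map each configured source to 'ip', 'hosts' or 'dns'."""
    pinned = static_names(hosts_text)
    sources = {}
    for line in ntp_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        args = [f for f in fields[1:] if f not in ("-4", "-6")]  # drop address-family flag
        if not args or fields[0] not in REMOTE_DIRECTIVES:
            continue
        target = args[0]
        if is_ip_literal(target):
            sources[target] = "ip"
        else:
            sources[target] = "hosts" if target.lower() in pinned else "dns"
    return sources

def can_sync_without_dns(ntp_conf_text, hosts_text):
    """True if at least one source is usable while the resolver is down."""
    return any(k != "dns" for k in classify_sources(ntp_conf_text, hosts_text).values())

if __name__ == "__main__":
    print(classify_sources(SAMPLE_NTP_CONF, SAMPLE_HOSTS))
```

A configuration for which `can_sync_without_dns` returns False has the circular dependency from the question: every source needs the resolver, and a DNSSEC-validating resolver needs the correct time.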