timekeeping on jail servers

Bill Moran wmoran at potentialtech.com
Fri Dec 21 08:23:06 PST 2007 

In response to shinny knight <sh1nny_kn1ght at yahoo.com>:
> On Tue, Dec 18, 2007 at 11:02:12AM -0500, Bill Moran wrote:
> > In response to "Michael W. Lucas" :
> > > 
> > > Been searching around without results:
> > > 
> > > Has anyone come up with a decent way to do timekeeping on a jail
> > > server? ntpd(8) binds to all addresses, and I'd rather not do a
> > > ntpdate out of cron.
> > 
> > I'm not entirely sure I comprehend where you're having trouble, Michael,
> > but we use openntpd on all our systems, specifically because you can
> > tell it what addresses to bind to.
> 
> That would be you don't have my problem. Openntpd will solve my
> problem.
> 
> Thanks for all the pointers, including the dozen or so private ones!
>    
>   Hello Michael,
>    
>   Is there any special reason you do not want to use ntpdate from cron?
>   Is working fine for me on FreeBSD jail servers.

The reason that is not recommended is that it results in sudden steps
of the clock.  Occasionally, these steps go backwards.  Software that
is very sensitive to time changes (make processes, database servers,
anything doing calculations WRT time) can break, crash, or work
inaccurately.

ntpd works by speeding up or slowing down the clock to catch up to the
correct time.  As a result, it's much less likely to disturb time-
sensitive applications.  Also, over time ntpd will tune the clock so
that it is actually ticking correctly, unlike the ntpdate in cron
solution.

For example, if your clock cronically ticks 1 second slow every 5
minutes:
* running ntpdate from cron every five minutes will result in a 1 second
  "jump" every time it runs.
* Running ntpd will result in the kernel speeding up the clock so that
  it actually ticks correctly.

A lot of people new to ntpd think that it's not working because they
start it and their time is still wrong.  If the time is badly wrong when
ntpd starts, it can take quite a while for it to correct it.  If you
have a machine that is frequently turned off, ntpdate should be run at
boot to snap the time into correctness, at which point ntpd will keep it
there.

-- 
Bill Moran
http://www.potentialtech.com

More information about the freebsd-questions mailing list