On 11/30/23 13:06, Greg Wooledge wrote:
This machine has a working ntp, so it should be within a millisecond or so of Boulder CO if the debian "pool" references that src. The recalcitrant armbian running the rockchip card in the printer can access this machine for ping4 or ping6 purposes. It would be adequate if for timekeeping purposes if it referenced this machine. However its just as desirable to get it "online" with the rest of my machines, which requires it get rid of the 169.254.nnn.nnn its using now. I think I've found where to do it, but not right now, the printer is busy making me a mount to solar power a you've got mail alarm, with is presently using a special 12 volt battery, a 23A, every two weeks. My checking for ntp does not find anything on that cardOn Thu, Nov 30, 2023 at 04:12:48PM +0000, Andy Smith wrote:Once you've got your networking sorted out and you are setting up an NTP server, your next issue will be that one NTP server isn't enough: https://www.ntp.org/ntpfaq/ntp-s-algo-real/#532-why-should-i-have-more-than-one-clock The reason for this is that if you have just one NTP server for your network, and it goes bad (tells the wrong time), no one will be able to tell.Well, you have to consider the actual goal. If the goal is for the printer to know the exact time, because it's going to print that time on legal documents, then your point is worth considering. But if the goal is simply to ensure that all the computers on the LAN share the *same* time, right or wrong, then having them all sync to the same, possibly drifting, time server is all that's needed. Also remember, this is just Gene's home network. It's not a major data center. A single NTP server for a home network sounds adequate to me. Ultimately it's Gene's choice to make.
So preliminary:1;install on this machine the whole ntpsec group. That removed the systemd/timesyncd utility 2:create the logging dir as spec'd in /etc/ntpsec/ntp.conf. Restart /etc/init.d/ntpsec, looks like its working. I'll let it simmer a day. 3: ntp.conf describes how to make a server but i'll have to find some man page for LetsEncrypt. Nut that means I'll have to talk to Igor and rsync their repo to get it to a place on this machine where that one can suck stuff from. df says my boot drive has
/dev/sdb1 863983352 15834692 804187012 2% /used, so I ought to be able to do that. Either that, or (thinking outside the box) better yet make this machine into a NAT server to that machine as that would also enable the use of kiauh to keep the printer AND its OS updated.
Is there a ready made package to do that NAT-ing? Or can the modernized iptables do that?.
Thanks all. Cheers, Gene Heskett. -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author, 1940) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis