moseley@hank.org wrote: > Can someone summarize the different ntp packages? In the beginning systems were isolated. There was no net. Then UUCP brought light unto the darkness. This was called USENET and we saw that it was good. [It is a unix list so I am not mentioning fidonet.] These isolated systems did not know the time of other systems. Then as it became useful and required to keep the time of systems reasonably close people starting setting the time with random programs and scripts. People were ignorant of the problems of stepping the time on a system would step the time on a running system with 'rdate' and other commands. But this can cause problems. The easiest to visualize is that cron might not run a task or might run a task twice depending on the step. Then smarter programs were developed such sn xntpd which would squeeze and expand cpu cycles within a second so that every second was seen by the system. This pleased the system admins and it was good. After many years of use xntpd became the standard tool and the x for experimental was dropped from the name. It is now ntpd and the defacto standard program. Later in time others were embracing the way of the open source and proverb that there are many ways to do things. Programs like chrony emerged as a competitor to the ntpd program. Not having ever used it because ntpd does such a good job for me even on my sometimes connected systems like my laptop I can't say why people like chrony. But their users tend to be fanatical about it. Best to stay out of the way lest the thread length soon becomes greater than 100! > For example what to run on a server vs. on an internal NAT'ed > workstation. All unix hosts are servers whether they are behind a NAT firewall or not. I imagine that it does not matter which implementation of the service you use as long as you use a good one. How you configure them matters. The firewall would prevent you from peering the two systems. But the host behind the firewall could use the host outside as a server. In /etc/ntp.conf speak a host shares with its 'peer' hosts and UDP traffic is bidirectional. But a client just polls and pulls from a 'server'. > Or what is best for a dialup ADSL connection vs. full-time connection. I use ntpd for both. Works great. I use ntpd on my laptop too. > I'm using both chrony and ntp on various machines, and it seems as if > they both provide ntp network service (via netstat and lsof), but seems > like I can run this > > nptdate -d <machine running ntp> > > but this fails > > ntpdate -d <machine running chronyd> > > But I'm not sure why one works and not the other. Let me hazard a guess that chrony is not a full implemention. It is the newcomer to the block and so may not have gotten around to implementing everything. But again I have not used it so this is complete supposition on my part. It is just as possible that ntpdate is using nonstandard extensions only provided by ntpd. > Also, what uses the "time" and "daytime" services provided via inetd? Today? Nothing of which I am aware. Twenty years ago? Diagnostic scripts written by local admins to debug their clocks. Actually even today one of the local admins at my site has a big time pinger that uses that to make sure the host is up and talking. You can ping a host that is hung because the network card or driver may be able to respond regardless of the state of the machine. But time goes through inetd and so it shows that the machine has at least a little higher order brain function working. And if the time is significantly off from what is expected then you know the system is sick and in need of some tlc to repair it. You can pretty safely disable those today. People tend to leave them in place for historical reasons. They don't hurt anything and so there they are. Every so often someone starts a discussion suggesting that any open service is a security hole and suggests that these should be off. But there are no known exploits. (Note to the list: Let's not go down the rat hole of how to exploit these, we have heard them all before.) Bob
Attachment:
pgpxdL48BemPI.pgp
Description: PGP signature