Solved LAN timing synchronization?

M

mefizto

Greetings all,

how to do it?

Does one need to run ntpd(8) on all the computers? What if only a single computer is used as a gateway, firewall, timing reference, etc., between the Internet and the LAN? Can this computer be used to re-distribute the timing signal obtained by the ntpd(8)?

I have also found net/ptpd2(); however, the git web-page is not very informative regarding usage: https://github.com/ptpd/ptpd.

Any help would be appreciated.

Kindest regards,

M
 
My opinions only.
"need to run ntpd on all computers" no, but "should you" Yes. It's a lightweight protocol and keeping accurate time is a good thing.

Using a single system as a gateway, firewall, timing reference, yes it is common to do this for home/small office. It's good because it means all of your internal systems should have the same time.

ntpd has both server and client pieces. Client is what pulls from the internet (typically a pool statement to pull from gives about 4 servers), the server part hands it out to your internal systems. Port 123 is the standard NTP port, you can modify the config file /etc/ntp.conf to have the server listen on specific ports, restrict what hosts are allowed to talk to you (the syntax can be a little convoluted, but ask questions and lots of folks here should be able to help).

There is also net/openntpd available, created by the OpenBSD people with an eye on security. It works as both a client and a server. It's a "functional drop in replacement" configuration is a little different than ntpd, but in use, there is little or no difference.
 
Hi mer,

thank you for the reply.

mer said:
Using a single system as a gateway, firewall, timing reference, yes it is common to do this for home/small office. It's good because it means all of your internal systems should have the same time.
Click to expand...
I asked because I have recently switched to such a network configuration.

mer said:
ntpd has both server and client pieces. Client is what pulls from the internet (typically a pool statement to pull from gives about 4 servers), the server part hands it out to your internal systems. Port 123 is the standard NTP port, you can modify the config file /etc/ntp.conf to have the server listen on specific ports, restrict what hosts are allowed to talk to you (the syntax can be a little convoluted, but ask questions and lots of folks here should be able to help).
Click to expand...
If I understand you correctly, you proposes to use the Internet facing computer as a client to obtain the timing reference from the Internet-based pool of servers and as a server, distributing thusly obtained timing reference to the computers on the LAN that will run the ntpd(8) as clients.

I did not know that this can be done, though I had been looking for a past few days. So, if someone could point me in the right direction, I would appreciate it.

Kindest regards,

M

P.S. I am actually using the OpenNTP due to my paranoia.
 
The default config for ntpd from base actually gives you both the client and server aspect. You tell it what servers to talk to, by default it listens on all ports for incoming requests.

https://man.openbsd.org/ntpd.conf.5 this is for openbsd but should work for freebsd. You want to add "listen on" directives to your config file. That opens a listening port so your clients (your internal lan) can use the gateway as a timing ref.
If your /usr/local/etc/ntpd.conf has something like:
servers 0.freebsd.pool.ntp.org sensor * constraint from "9.9.9.9" # quad9 v4 without DNS constraints from "www.google.com" # intentionally not 8.8.8.8

that sets up the client side to pull from the internet.

If your internal network interface is say em0, ip address 192.168.1.2 add a line:
listen on 192.168.1.2

Then all your LAN clients would have something like:
server 192.168.1.2
 
Hi mer,

thank you. Before I made the change, I had all the computer configured to listen on the pool of servers on the Internet.

So, thank you for the pointers how to configure the LAN computer to listen to the server.

Kindest regards,

M
 
You must log in or register to reply here.
Back
Top