Stratum One server config and peers parameter

[linuxuser2010]

Currently setting up a stratum 1 server - what is the typical setup for the ntp.conf file. For instance, I understand I need to include

server 127.127.20.0 minpoll 4 maxpoll 4

to read my gps receiver and set the polling parameters. But, is the gps receiver the only device the stratum 1 server gets its time from, or should other stratum 1 servers be listed as peers to help further refine and improve my stratum 1's time?

Thank you.

 

[gordon@]

Data from a stratum 1 server is not as accurate as the data from your gps receiver (which is stratum 0).

 

[loop]

But, is the gps receiver the only device the stratum 1 server gets its time from, or should other stratum 1 servers be listed as peers to help further refine and improve my stratum 1's time?

Yes. you should peer your stratum 1 server with other stratum 1 servers. Best contacting the admin of the peers you would like to use and request permission - some admins get funny about unannounced stratum 1 peers.

If you want to make your stratum 1 server public, consider joining pool.ntp.org and/or adding it to the list at ntp.org

Data from a stratum 1 server is not as accurate as the data from your gps receiver (which is stratum 0).

.. which is the entire point of referencing a stratum 1 time source to a stratum 0. You should never make a stratum 0 clock available on the network directly.

 

[linuxuser2010]

Thanks for your responses - I do plan on making this server available for public access at pool.ntp.org.

Since I'll be making the stratum 1 server available to the public, some security measures to prevent client abuse should be implemented. To complement the 'restrict' parameter, I've read the 'limited' and 'discard' parameters along with 'minimum int' can be used to indicate the packet spacing the client must adhere to when transmitting to upstream/peer servers. For example:

#this host cannot remotely configure server
restrict  204.9.54.119 kod nomodify limited   

# if client transmits packets in shorter bursts than 2 second interval, drop those packets # and send 'kiss of death' bit to restrict client from 
sending any more packets until ok'd # by system operator. (This is what I took from it)
discard minimum 2

Am I on the right track with this setup? Limiting the packets that can be sent may cause problems with users who have 'iburst' enabled with their servers. I've setup a few linux boxes to try these parameters out, but welcome/encourage input from anyone who knows a more secure way of providing restrictive access controls to prevent client abuse. I'll post my results and continue to do so as I progress.

Thank you.