If you need four NTP servers with a DD-WRT router... Good luck with that, F**K baby steps.
In case servers go down yes of course redundancy is always good, also typical defaults are four pools.
Also consider DNS failure so I focus on IPs. 64 characters allows 2.pool.ntp.org plus one IPv6 address.
At least users can now configure 3 IPv4 or 1 pool and 2 IP. 32 was limited to two IPv4 or 1 pool and 1 IP.
It was a mistake in attempt to compromise but without any response I lowered from 64 to 49. My bad.
kernel-panic69 wrote:
There's a need to use third-party solutions for windows time services?
Windows time service has a long history of breaking, but OOTB I found sync results to be inconsistent.
Anyway just sharing my method of selection, maybe flawed or not as I do not have GPS, RTC or ntpd.
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Sun Jul 31, 2022 9:15 Post subject:
No one is blaming user config and limiting choices, this is not a fair assessment of the situation.
My point is 3 NTPs with 2 fallbacks in case of failure of primary should be enough for most. If the 3 fail, like I said, anyone in this edge case would have bigger problems.
If you want to improve the situation emotion must be set aside, you must present a case that is well considered, detailed and presented. Without this, trying to convince BS will be an extremely hard and time consuming proposition.
Feel free to open a thread with polls and the case being presented instead of this thread which is unrelated. (I already allowed this thread's poll to run forever to gather real data hopefully.)
For instance presenting the above would be e.g. expanding on: What problem would the proposition solve? Who would benefit from the implementation and under which circumstances? Which scenarios would the proposition improve vs current? as well as other careful considerations.
You should be able to do whatever you propose via CLI right now afaik, if this isn't the case, then verifiable evidence should be presented to the contrary (this would also help above), I cannot test any IPv6 scenario as my ISP doesn't provide IPv6 even.
According to ntp.org pools should be used, ideally several.
Each pool provides several server addresses which change hourly.
host 0.pool.ntp.org
0.pool.ntp.org has address 136.243.202.118
0.pool.ntp.org has address 94.23.160.14
0.pool.ntp.org has address 62.108.36.235
0.pool.ntp.org has address 141.95.116.43
host 0.pool.ntp.org
0.pool.ntp.org has address 130.255.77.87
0.pool.ntp.org has address 162.159.200.1
0.pool.ntp.org has address 94.23.165.42
0.pool.ntp.org has address 164.68.124.74
But if you restart the router then it has no valid time set.
And if you then use DNSSEC then the router can not resolve the pool addresses.
Therefore static IP addresses are configured as fallback.
At this point I would like to point out that pool.ntp.org is a cluster of 4500 servers worldwide.
And from the statistics you can see that regularly servers go online or offline.
So if you just randomly pick an IP address from the pool and configure it as a static server, there is at least the possibility that the server is no longer available at a later time or is offline due to a malfunction.
You could of course use the NTP server of your own internet provider, as this is usually a reliable high availability solution.
But many do not trust their provider.
Anyway, it is not a disadvantage to have the possibility to configure multiple addresses.
You could of course avoid this problem with a RTC but very few routers have one.
You should also consider that dd-wrt has defined multiple addresses internally for this reason.
Joined: 08 May 2018 Posts: 14244 Location: Texas, USA
Posted: Mon Aug 01, 2022 17:24 Post subject:
<off-topic> We were told not to put ourselves in the same position as Fractal, Eko, and <Kong> when @egc, @rkboni, and others including myself decided to go the way of working on Community Builds to roll our own / contribute to Official development. An off-shoot of that venture is not going to put themselves in the previously mentioned position, either. So, folks can deal with the Official releases or learn how to compile images and create their own firmware image configurations.
Anyhow, I'm knee-deep in resolving something if I can ever get a response or figure out the proper steps on my own. Of course, it would be great if you could just flash from webUI or TFTP recover the device in question and be done with it... trying to find the "known instructions" being referenced has not been fruitful yet </off-topic>.
A lot of it comes down to needs/interest... What resolution of a clock do you need... I am surprised no one is asking for PTP (Precision Time Protocol)...
Part of the reason that the pools point to different ips is because some are volunteers and go up and down as well as there is load balancing.
My feeling is that it depends on what the router wants... stock usually does not have as many capabilities as DD-WRT, so I am thankful that someone figured out the builds/tool-chain and maintains these small boxes, but if I really want it to be a server for everything I build my own...
Anyways, I wanted to make a few comments...
1. time is time, and it is an arbitrary definition, so what these systems are trying to do is ensure we all agree on the same time.
2. GPS time is a correlation of multiple broadcasts to a single receiver
3. PPS, is only a highly accurate oscillator tuned for a second, usually this pulse comes on the second roll over, it technically does not care/know what the actual time is
4. NTP algorithms use clustering because there is so much variability in network traffic and even your computers, so it is statistically trying to calculate the exact time based on estimated offsets and measurement of latency
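Added example, not part of any post in this thread: a sketch of why several time sources matter, using the offset and delay calculation from the four NTP timestamps and a simplified median filter (an assumption for illustration, not ntpd's real selection and clustering algorithms). The replies are constructed in-process so it runs offline; all function names, the `DEMO` reference ID and the timestamps are made up.

```python
import struct
from statistics import median

NTP_DELTA = 2208988800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01 (Unix)

def to_ntp(unix_ts):
    """Unix time -> 8-byte NTP timestamp (32-bit seconds, 32-bit fraction)."""
    sec = int(unix_ts)
    return struct.pack("!II", sec + NTP_DELTA, int((unix_ts - sec) * 2**32))

def from_ntp(raw):
    sec, frac = struct.unpack("!II", raw)
    return sec - NTP_DELTA + frac / 2**32

def build_reply(t1, t2, t3, stratum=2, leap=0):
    """Constructed server reply (version 4, mode 4) so the example runs offline."""
    head = struct.pack("!BBbb", (leap << 6) | (4 << 3) | 4, stratum, 6, -20)
    head += struct.pack("!II4s", 0, 0, b"DEMO") + to_ntp(t2)  # root delay/disp, refid, reftime
    return head + to_ntp(t1) + to_ntp(t2) + to_ntp(t3)

def parse_reply(pkt, t1, t4):
    """Return (offset, delay) in seconds, or None if the reply must be ignored."""
    if len(pkt) < 48:
        return None
    leap, mode, stratum = pkt[0] >> 6, pkt[0] & 0x7, pkt[1]
    if mode != 4 or leap == 3 or not 1 <= stratum <= 15:
        return None  # not a server reply, unsynchronised, or kiss-o'-death (stratum 0)
    if pkt[24:32] != to_ntp(t1):
        return None  # originate field must echo the timestamp we sent
    t2, t3 = from_ntp(pkt[32:40]), from_ntp(pkt[40:48])
    return ((t2 - t1) + (t3 - t4)) / 2, (t4 - t1) - (t3 - t2)

def agreed_offset(samples, tolerance=1.0):
    """Median offset of the sources that sit within `tolerance` s of the overall median."""
    good = [s for s in samples if s is not None]
    if len(good) < 3:
        return None  # with fewer than three sources a wrong one cannot be outvoted
    mid = median(o for o, _ in good)
    return median(o for o, _ in good if abs(o - mid) <= tolerance)

def demo():
    """Router clock reads 1000.0 after a reboot; constructed servers are ~1659312000 s ahead."""
    t1, t4, true = 1000.0, 1000.25, 1659313000.0
    replies = [build_reply(t1, true + d, true + d) for d in (0.125, 0.25, 0.0)]
    replies.append(build_reply(t1, true + 3600.125, true + 3600.125))  # wrong by an hour
    replies.append(build_reply(t1, true, true, leap=3))                # unsynchronised
    return agreed_offset([parse_reply(p, t1, t4) for p in replies])
```

With three agreeing sources the server that is an hour off and the unsynchronised one are both discarded; with only two usable replies `agreed_offset` refuses to pick a value.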
Thank all of you discussing whether the ntp server should be on ddwrt or not.
Please let me show one fact: openwrt really set the option for end-user decide whether openwrt as ntp server or not.
I agree it should be an option, and let the user's decision to enable or not, if the total increased size of firmware (except micro build) is tiny.
For most of usage, that will be benefit. For me, I always use unbound@wrt1900acs or dnscryp-dns@r6250, both of them need precious time, if need more entware then lots of easy steps, it is not convenience at all, especially on extra USB device.
Joined: 18 Mar 2014 Posts: 12915 Location: Netherlands
Posted: Thu Aug 04, 2022 8:25 Post subject:
saphirely wrote:
Thank all of you discussing whether the ntp server should be on ddwrt or not.
Please let me show one fact: openwrt really set the option for end-user decide whether openwrt as ntp server or not.
I agree it should be an option, and let the user's decision to enable or not, if the total increased size of firmware (except micro build) is tiny.
For most of usage, that will be benefit. For me, I always use unbound@wrt1900acs or dnscryp-dns@r6250, both of them need precious time, if need more entware then lots of easy steps, it is not convenience at all, especially on extra USB device.
For my understanding why would you use the router as NTP server, in the end it just gets its time from the internet.
Of course if the router has an RTC then I could see that you wanted to distribute time across your network but that is seldom the case.
For all of you who struggle with the catch 22 of "secure DNS", see below from the SmartDNS Guide:
Quote:
NTP problems
When only using DoT and/or DoH you need to have a current/correct time to get going but to get the current NTP time you need to resolve the built-in 2.pool.ntp.org domain.
If it keeps failing it will try IP addresses and eventually NTP should be started with the correct time.
However it can take minutes and some processes might time out (WireGuard for one).
To solve this problem add to DNSMasq additional options (use two for redundancy):
server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
This will make sure that the used NTP domain 2.pool.ntp.org is resolved via DNS server 9.9.9.9 as soon as DNSmasq has started.
Alternatively you can specify an IP address as Time server but the above is the superior option as it resolves more than one IP address.