top | item 46213406

Atomic time source failure at NIST Gaithersburg campus

42 points| dpcx | 2 months ago |groups.google.com

10 comments

floatin|2 months ago

I wonder if it’s a response to this https://www.reuters.com/world/china/china-accuses-us-cyber-b...

Huh, I guess it's best to think of each site's NIST NTP servers as 'load-balancers' in front of a single 'application server'.

Fun fact: Per [0], if you provide enough servers, the NTP client can detect a "falseticker" that is not providing accurate time. The number of NTP servers required is `2n+1` where `n≥1`.

Of course, that requires each NTP server use its own time source.

So, note for me: If I want NTP redundancy and I'm using NIST's servers, pick one NTP server from each of NTP's three sites.

[0]: https://support.ntp.org/Support/SelectingOffsiteNTPServers#U...

metaphor|2 months ago

> So, note for me: If I want NTP redundancy and I'm using NIST's servers, pick one NTP server from each of NTP's three sites.

System robustness hazard that won't tolerate just querying time.nist.gov at 4-sec or greater intervals?

From the cow's mouth[1]:

>> The global address time.nist.gov is resolved to all of the server addresses below in a round-robin sequence to equalize the load across all of the servers.

[1] https://tf.nist.gov/tf-cgi/servers.cgi

RossBencina|2 months ago

-10ms, no redundant clocks, and they're leaving most of the servers up with that amount of skew. Wow. I am astonished that NIST does not have multiple clocks over multiple distributed sites with robust ability to detect and bypass individual failures.

DANmode|2 months ago

This was implied by them taking the time and effort to establish multiple sites.

octaane|2 months ago

Good to know they have multiple backup clocks across the continental US.