Red Hat Bugzilla – Bug 82511
redhat-config-time should contain NTP servers only by permission
Last modified: 2008-05-01 11:38:04 EDT
The redhat-config-time comes pre-loaded with a default set of NTP servers. Unless Red Hat has confirmed with each and every server operator that listing their server in redhat-config-time is acceptable, then Red Hat *should not* list those NTP servers, as listing those servers without permission violates the NTP "Rules of Engagement": http://www.eecis.udel.edu/~mills/ntp/servers.html (In particular, a handful of the servers redhat-config-time contains are stratum 1 servers. Individual clients should rarely (if ever) point directly to stratum 1 servers.) If Red Hat wants to always have default NTP servers in this utility, I suggest the following: public-ntp-1.redhat.com public-ntp-2.redhat.com public-ntp-3.redhat.com [...] (In other words, if Red Hat wants to create an application that will encourage Red Hat customers to overwhelm NTP servers, it should be Red Hat's own NTP servers that are overwhelmed.) Alternatively, consider creating another checkbox: [ ] Use NTP servers provided by DHCP This will be hard, though; you'll need hooks into the /sbin/dhclient-script script to Do It Right. And you'll still need a fallback if DHCP doesn't return a value for the ntp-servers option. If you already asked permission from each and every NTP server operator before adding their server to the list in redhat-config-time, then please ignore this report.
All the servers in the list have an open access policy according to http://www.eecis.udel.edu/~mills/ntp/clock2a.html. I also changed the list to include only stratum 2 time servers, except for time.nist.gov. This change should be in Phoebe2. time.nist.gov, incidentally, is one of only two servers that Windows XP presents (time.microsoft.com is the other one). Considering that there must be tens of millions of installations of Windows XP at this point, I don't think that adding a few Linux users onto that server is going to make much difference. For what it's worth, I tried months ago to convince people inside Red Hat to set up a public NTP server as you suggested but I got nowhere with the idea. See bug #68503 for information about NTP and DHCP.
That seems reasonable. Although I would still argue that time.nist.gov should be removed. We already know that Microsoft is antisocial. ;) Red Hat should take the moral high ground here, and list *only* stratum 2 time servers with open access policies. (It's a pity that the pub-ntp.redhat.com idea didn't fly.)
Good news. We now have two public NTP servers. clock.redhat.com and clock2.redhat.com.
Coolness. I can't find an access policy for those machines anywhere--not on Red Hat's web site, nor on the NTP "Rules of Engagement" pages. What's the access policy?
Hmm...good question. I don't know what the access policy is.
Uhhh... could you find out? ;) (That they're public in some sense is fairly obvious. The real question is whether the access policy is "everyone and anyone", or "please only use these NTP servers if you're providing time services to at least a hundred clients or so"...)