1

I am doing some reliability tests and needed a list of NTP servers from fr.pool.ntp.org (or any other geographic or national pool).

I queried the pool 100 times but only got 13 unique servers (out of the 255 available for FR). This is expected as this is how DNS cache works and will be enough for the tests but I wonder what would be a better to directly get a subset of the pool server IPs.

I did not find them published on ntp.org (this is not needed for clients who will query [0-3].<something>.pool.ntp.org but since there are activity graphs I though that there could be a more detailed list).

The list is not confidential as it is indirectly queried via DNS, though I can understand concerns about potential DoS or whatever should a complete one be available.

So: are there such lists and if not - why?

WoJ
  • 3,607
  • 9
  • 49
  • 79
  • On http://www.pool.ntp.org/en/use.html they say, that the servers change hourly (unless one fails and is replaced). Can you check that by asking only every hour? – ott-- Mar 21 '15 at 14:30
  • @ott--: I could, yes, but even right now when querying the pool (`fr.pool.ntp.org`, not the servers `0.pool...`) 100 times in a row I get 13 distinct servers. By seeding the DNS servers I could try to go around the cache -- but what I am looking for is a straight list of servers, not one which is built up indirectly. – WoJ Mar 21 '15 at 14:36

2 Answers2

2

You can find out about the pool at http://www.pool.ntp.org/.

I queried the pool 100 times but only got 13 unique servers (out of the 255 available for FR).

The DNS server for the NTP Pool brings hosts in and out of the available DNS over time. For example, my host gets brought into the available pool for a 15 minute slot every few hours.

I did not find [a list of servers] published on ntp.org [...]

You could ask on the NTP Pool mailing list. I'm not sure you'll be given the current definitive list, though, but it might be worth asking. I'm happy to offer my server as an NTP Host but I'm not sure I would want it in a published list.

Disclaimer: I provide one of the NTP servers for the UK pool. I do this "because I can". I am not a Pool Administrator.

roaima
  • 1,591
  • 14
  • 28
  • I completely understand that the provider of an NTP host may not want to have it published (I probably would have had the same concerns). I do not want to overuse the NTP service and since the visibility of the hosts does not seem to be provided outside of DNS queries I will leave my quest there. The 13 hosts I gathered are enough for a test (which is a one shot one (or seldom-shot one so to speak)). Thank you for providing resources to the community, BTW :) – WoJ Mar 21 '15 at 15:33
  • @WoJ If you're looking for a named set of reliable NTP servers, I would start with one from your ISP, one from your governmental National Time Office, and one from a "close" country. (I'm sure you know this, but make sure you use an odd number of time servers.) – roaima Mar 21 '15 at 15:47
1

Since the DNS replies are cached by DNS resolvers, it is no surprise that you kept getting the same answers.

It is also possible that the authoritative DNS servers will decide which subset of NTP servers is most suitable based on proximity to the DNS recursors, which means even after the cache has expired, you are likely to get the same IPs again after querying again.

This also leads to an obvious approach to finding as many different NTP servers from the pool as possible, simply send queries to as many different DNS recursors as you have access to.

Also notice that if any of the NTP servers in the pool are using anycast addresses, the number of IP addresses may in fact be smaller than the number of servers.

kasperd
  • 30,455
  • 17
  • 76
  • 124
  • I understand why I am getting a limited number of servers (and this is fine and expected). My question was about the direct availability of a larger list (as opposed to one built-up from DNS queries). I will make that clear in the question. – WoJ Mar 21 '15 at 14:05