freebsd stable - Jul 2015 - 10.2-BETA2 patch etc/ntp.conf to enable ntpd pool client functionality

I have submitted a patch to the distributed ntp.conf to enable ntpd pool
client functionality.  This was not possible in the ancient version of
ntpd shipped with FreeBSD releases over the past several years.

  https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201803

Essentially this gives you a larger set of DYNAMIC servers from the
pool.  If ntpd decides one of the configured servers has become
unreliable it will drop it and configure a new one.

Also, there is a 'restrict source' command which provides template
access restrictions for upstream servers.  When a server is dynamically
configured, a dynamic restrict entry is created for it from the
'restrict source' template.  When a server is dynamically removed, its
'restrict' entry is also removed.

This is the result on a 10.2-BETA2 (r285783) server.

rwsrv02> ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
=============================================================================
0.freebsd.pool. .POOL.          16 p    -   64    0    0.000    0.000   0.004
 1.freebsd.pool. .POOL.          16 p    -   64    0    0.000    0.000   0.004
 2.freebsd.pool. .POOL.          16 p    -   64    0    0.000    0.000   0.004
+125.255.139.115 130.194.1.96     2 u   27  128  377   43.168   -5.505   0.924
+203.23.237.200  203.35.83.242    2 u   26  128  377   29.877   -4.786   0.749
-121.0.0.42      23.31.237.112    3 u  212  256  377   46.560   -2.756   5.783
*54.252.165.245  202.21.137.10    2 u   25  128  377   30.060   -4.859   0.783
-2001:418:3ff::1 204.123.2.72     2 u  165  256  377  173.324   -1.592   1.651
-2001:df0:fe:2:: 130.102.2.123    3 u  106  256  377   44.177    4.080   3.690
+130.102.2.123   216.218.254.202  2 u   20  128  377   46.288   -4.332   1.416

The same server running an un-patched ntp.conf looks like this.

rwsrv02> ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
=============================================================================*54.252.165.245
202.21.137.10    2 u   32   64   17   31.100   -7.764   3.887
+202.127.210.37  130.102.2.123    3 u   32   64   17   40.181    2.001   2.074
+2001:df0:fe:2:: 130.102.2.123    3 u   32   64   17   45.974    2.414   2.502

-- 
John Marshall
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL:
<http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20150724/ae16dad3/attachment.bin>

On Jul 24 12:27, John Marshall wrote:
>I have submitted a patch to the distributed ntp.conf to enable ntpd pool
>client functionality.  This was not possible in the ancient version of
>ntpd shipped with FreeBSD releases over the past several years.
>
>  https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201803
>
Thanks for this. But I would like to make some additional suggestions.  
There is no need to use multiple pools. You only need one. Pool works by 
using the minclock and maxclock values to work out how many peers it 
needs to add and keep track of. minclock is the minimum amount of * and 
+ peers it should keep, and maxclock is the maximum amount of total 
peers including the actual pool itself. Also the local clock has been 
deprecated in favour of orphan mode. So I would suggest something like 
this instead:

pool 0.freebsd.pool.ntp.org iburst
tos minclock 3 maxclock 6 orphan 6

This will fire up a pool association and then add 5 peers from that pool 
and keep a minimum of 3 in * or + modes. If any become unreliable it 
will add more according to the min/maxclock values.

For more info:

http://support.ntp.org/bin/view/Support/OrphanMode

http://lists.ntp.org/pipermail/questions/2010-April/026304.html

-- 
Matt