Publicly Available Services
Vikings provides various publicly available services that are essential for the Internet to work properly but usually run unnoticed by the average user. All publicly available services at Vikings are provided only from hardware that uses libre boot firmware, libre operating systems and user-space software.
These services are free of charge for everyone who wants to use them in the hope that they will be useful, but without warranty; even without the implied warranty of merchantability or fitness for a particular purpose.
Network Time Protocol (NTP)
Why is NTP Important?
NTP is a protocol designed to synchronize the clocks of computers over a network to a common timebase (usually UTC).
Time is inherently important to the function of routers, networks and computers. It provides the only frame of reference between all devices on the network. Without synchronized time, accurately correlating information between devices becomes difficult, if not impossible.
Accurate time stamps are essential to everything from maintaining and troubleshooting equipment and forensic analysis of distributed attacks, to resolving disputes among parties contesting a commercially valuable time-sensitive transaction. In a programming environment, time stamps are usually used to determine what bits of code need to be rebuilt as part of a dependency checking process as they relate to other bits of code and the time stamps on them, and without good time stamps your entire development process can be brought to a complete standstill. Within law enforcement, they are essential for correlation of distributed communication events, forensic analysis, and potential evidentiary use in criminal proceedings. In essence, all debugging, security, audit, and authentication is founded on the basis of event correlation (knowing exactly what happened in what order, and on which side), and that depends on good time synchronization.
Finally, even if you are able to put the pieces together, unsynchronized times, especially between log files, may give an attacker with a good attorney enough wiggle room to escape prosecution.
Vikings' NTP Servers
Since December 2008 Vikings runs three time servers using the NTP protocol. These are housed in different networks in Germany and have the following addresses:
To use these time servers with GNU/Linux ntpd must be configured accordingly. For example the following three lines can be inserted (or replacing the existing lines) in the /etc/ntp.conf file:
server ntp1.vikings.net iburst server ntp2.vikings.net iburst server ntp3.vikings.net iburst
This document does not cover older version of ntpd that may require the additional parameters that became obsolete (up to version 4.x of ntpd). Always run a recent version of ntpd; usually the one provided by your up to date GNU/Linux distro will be sufficient and recent enough.
Optionally a few public servers can and should be added as well:
server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server 3.pool.ntp.org
The 0, 1, 2 and 3.pool.ntp.org names point to a random set of servers that will change every hour. Make sure your computer's clock is set to something sensible (within a few minutes of the 'true' time) - you could use ntpdate pool.ntp.org, or you could just use the date command and set it to your wristwatch. Start ntpd, and after some time (this could take as long as half an hour!), ntpq -pn should output something like:
$ ntpq -pn remote refid st t when poll reach delay offset jitter ============================================================================== +22.214.171.124 126.96.36.199 2 u 68 1024 377 158.995 51.220 50.287 *188.8.131.52 184.108.40.206 2 u 191 1024 176 79.245 3.589 27.454 -220.127.116.11 18.104.22.168 3 u 766 1024 377 22.302 -2.928 0.508
The IP addresses will be different, because you've been assigned random timeservers. The essential thing is that one of the lines starts with an asterisk (*), this means your computer gets the time from the internet - you'll never have to worry about it again!
Looking up pool.ntp.org (or 0.pool.ntp.org, 1.pool.ntp.org, etc) will usually return IP addresses for servers in or close to your country. For most users this will give the best results.
You can also use the continental zones (For example europe, north-america, oceania or asia.pool.ntp.org), and a country zone (like ch.pool.ntp.org in Switzerland) - for all these zones, you can again use the 0, 1 or 2 prefixes, like 0.ch.pool.ntp.org. Note, however, that the country zone might not exist for your country, or might contain only one or two timeservers.
After making changes to the NTP settings restart ntpd for the changes to come into effect.
Consider if the NTP Pool is appropriate for your use
If business, organization or human life depends on having correct time or can be harmed by it being wrong, you shouldn't "just get it off the internet". The NTP Pool is generally very high quality, but it is a service run by volunteers in their spare time. Please talk to your equipment and service vendors about getting local and reliable service setup for you.
If you have a static IP address
.. and a reasonable Internet connection (bandwidth is not so important, but it should be stable and not too highly loaded), please consider donating your server to the server pool. It doesn't cost you more than a few hundred bytes per second traffic, but you help the NTP project to survive. Please read the joining page on their website for more information.
If your server is located at Vikings
..or if you know of another good timeserver near you, you should use that and not the NTP pool - you'll probably get better time and you'll use fewer network resources. If you know only one timeserver near you, you can of course use that and two from pool.ntp.org or so.
Timeserver assigned twice
It can rarely happen that you are assigned the same timeserver twice - just restarting the ntp server usually solves this problem. If you use a country zone, please note that it may be because there is only one server known in the project - better use a continental zone in that case. You can browse the zones to see how many servers we have in each zone.
Many servers are provided by volunteers, and almost all time servers are really file or mail or webservers which just happen to also run ntp (this is not the case at Vikings). So don't use more than four time servers in your configuration unless you have for some reason, and don't play tricks with burst or minpoll - all you will gain is extra load on the volunteer time servers.