# Stratum One server config and peers parameter



## linuxuser2010 (Jul 20, 2010)

Currently setting up a stratum 1 server - what is the typical setup for the ntp.conf file. For instance, I understand I need to include

server 127.127.20.0 minpoll 4 maxpoll 4

to read my gps receiver and set the polling parameters. But, is the gps receiver the only device the stratum 1 server gets its time from, or should other stratum 1 servers be listed as peers to help further refine and improve my stratum 1's time?

Thank you.


----------



## gordon@ (Jul 21, 2010)

Data from a stratum 1 server is not as accurate as the data from your gps receiver (which is stratum 0).


----------



## loop (Jul 21, 2010)

linuxuser2010 said:
			
		

> But, is the gps receiver the only device the stratum 1 server gets its time from, or should other stratum 1 servers be listed as peers to help further refine and improve my stratum 1's time?



Yes. you should peer your stratum 1 server with other stratum 1 servers.  Best contacting the admin of the peers you would like to use and request permission - some admins get funny about unannounced stratum 1 peers.

If you want to make your stratum 1 server public, consider joining pool.ntp.org and/or adding it to the list at ntp.org



			
				gordon@ said:
			
		

> Data from a stratum 1 server is not as accurate as the data from your gps receiver (which is stratum 0).



.. which is the entire point of referencing a stratum 1 time source to a stratum 0. You should never make a stratum 0 clock available on the network directly.


----------



## linuxuser2010 (Jul 21, 2010)

Thanks for your responses - I do plan on making this server available for public access at pool.ntp.org. 

Since I'll be making the stratum 1 server available to the public, some security measures to prevent client abuse should be implemented. To complement the 'restrict' parameter, I've read the 'limited' and 'discard' parameters along with 'minimum _int_' can be used to indicate the packet spacing the client must adhere to when transmitting to upstream/peer servers. For example:


```
#this host cannot remotely configure server
restrict  204.9.54.119 kod nomodify limited   

# if client transmits packets in shorter bursts than 2 second interval, drop those packets # and send 'kiss of death' bit to restrict client from 
sending any more packets until ok'd # by system operator. (This is what I took from it)
discard minimum 2
```

Am I on the right track with this setup? Limiting the packets that can be sent may cause problems with users who have 'iburst' enabled with their servers. I've setup a few linux boxes to try these parameters out, but welcome/encourage input from anyone who knows a more secure way of providing restrictive access controls to prevent client abuse. I'll post my results and continue to do so as I progress.

Thank you.


----------

